Sunday, December 8, 2024
HomeCyber AttackU.S. Marshals Service Hacked - Sensitive Information Leaked

U.S. Marshals Service Hacked – Sensitive Information Leaked

Published on

SIEM as a Service

The theft of critical law enforcement data is currently under investigation by the U.S. Marshals Service (USMS), triggered by a ransomware attack that targeted a stand-alone USMS system. 

The USMS has confirmed that the compromised information is of a sensitive nature and is working to identify the culprits behind the attack.

The United States Marshals Service (USMS) is a crucial bureau operating under the Department of Justice, catering to every facet of the federal justice system. 

- Advertisement - SIEM as a Service

Their functions span from executing federal court orders and seizing assets that have been acquired illegally, to safeguarding the well-being of government witnesses and their kin. Additionally, USMS provides a range of other services that are essential to the efficient functioning of the federal justice system.

As per a report by NBC, the federal law enforcement agency has confirmed that the recently stolen data contains personally identifiable information of its employees. The agency is taking immediate measures to contain the damage and has urged its employees to be extra vigilant with their personal information.

Here’s what the USMS spokesperson, Drew Wade stated:-

“On February 17th, a stand-alone USMS system was hit by a ransomware attack that resulted in a data exfiltration event.” 

However, the Marshals Service immediately took notice of the situation and launched an investigation to identify the attackers behind this incident. Even they also disconnected the affected system from the network to stop the further spread.

Sensitive Information Leaked

There is sensitive information contained within the affected system that is relevant to law enforcement, including:-

  • Returns from legal process
  • Administrative information
  • PII related to USMS investigations
  • PII related to third parties
  • PII related to USMS employees

USMS’ Witness Security Files Information System was not accessed by the attackers, as they were unable to establish any access to the system. While this security breach has not led to any danger to anyone in the witness protection program.

The recent incident involving the USMS system is a matter of significant concern, as it involves the theft of sensitive information related to ongoing investigations by the Marshals Service. 

The compromised data is of high importance to law enforcement agencies and could potentially jeopardize the safety and security of the subjects of these investigations. 

The USMS is treating this matter with utmost seriousness and taking all necessary measures to contain the damage caused by the breach.

Despite the recent ransomware attack and data exfiltration event, the USMS has managed to develop a temporary solution to ensure that their operations are not affected. 

The agency is working diligently to track down fugitives and suspects, even as it investigates the extent of the damage caused by the attack. While the situation remains precarious, the USMS is confident that their measures will allow them to continue their efforts until a permanent solution can be found.

Network Security Checklist – Download Free E-Book

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...