The theft of critical law enforcement data is currently under investigation by the U.S. Marshals Service (USMS), triggered by a ransomware attack that targeted a stand-alone USMS system. 

The USMS has confirmed that the compromised information is of a sensitive nature and is working to identify the culprits behind the attack.

The United States Marshals Service (USMS) is a crucial bureau operating under the Department of Justice, catering to every facet of the federal justice system. 

Their functions span from executing federal court orders and seizing assets that have been acquired illegally, to safeguarding the well-being of government witnesses and their kin. Additionally, USMS provides a range of other services that are essential to the efficient functioning of the federal justice system.

As per a report by NBC, the federal law enforcement agency has confirmed that the recently stolen data contains personally identifiable information of its employees. The agency is taking immediate measures to contain the damage and has urged its employees to be extra vigilant with their personal information.

Here’s what the USMS spokesperson, Drew Wade stated:-

“On February 17th, a stand-alone USMS system was hit by a ransomware attack that resulted in a data exfiltration event.” 

However, the Marshals Service immediately took notice of the situation and launched an investigation to identify the attackers behind this incident. Even they also disconnected the affected system from the network to stop the further spread.

Sensitive Information Leaked

There is sensitive information contained within the affected system that is relevant to law enforcement, including:-

• Returns from legal process
• Administrative information
• PII related to USMS investigations
• PII related to third parties
• PII related to USMS employees

USMS’ Witness Security Files Information System was not accessed by the attackers, as they were unable to establish any access to the system. While this security breach has not led to any danger to anyone in the witness protection program.

The recent incident involving the USMS system is a matter of significant concern, as it involves the theft of sensitive information related to ongoing investigations by the Marshals Service. 

The compromised data is of high importance to law enforcement agencies and could potentially jeopardize the safety and security of the subjects of these investigations. 

The USMS is treating this matter with utmost seriousness and taking all necessary measures to contain the damage caused by the breach.

Despite the recent ransomware attack and data exfiltration event, the USMS has managed to develop a temporary solution to ensure that their operations are not affected. 

The agency is working diligently to track down fugitives and suspects, even as it investigates the extent of the damage caused by the attack. While the situation remains precarious, the USMS is confident that their measures will allow them to continue their efforts until a permanent solution can be found.

Network Security Checklist – Download Free E-Book