U.S. Marshals Service suffers a ransomware attack

1 year ago AndyC

The
U.S.
Marshals
Service
(USMS)
was
the
victim
of
a
ransomware
attack,
it
is
investigating
the
theft
of
sensitive
information.

The
U.S.
Marshals
Service
(USMS)
announced
that
a
ransomware
attack
has
impacted
“a
stand-alone
USMS
system.

The
U.S.
Marshals
Service
(USMS)
was
the
victim
of
a
ransomware
attack,
it
is
investigating
the
theft
of
sensitive
information.

The
U.S.
Marshals
Service
(USMS)
announced
that
a
ransomware
attack
has
impacted
“a
stand-alone
USMS
system.”
The
US
bureau
is
investigating
the
theft
of
sensitive
information
following
the
security
breach.

The
infection
occurred
on
February
17,
2023,
once
discovered
the
infection
the
Marshals
Service
disconnected
the
system
from
the
network
and
the
Justice
Department
launched
a
forensic
investigation.

The
USMS
is
a
US
federal
law
enforcement
agency,
it
is
a
bureau
within
the
U.S.
Department
of
Justice,
operating
under
the
direction
of
the
Attorney
General.
The
agency
serves
as
the
enforcement
arm
of
the
United
States
federal
courts
to
ensure
the
effective
operation
of
the
judiciary
and
integrity
of
the
Constitution.
The
Marshals
Service
is
primarily
responsible
for
the
protection
of
judges
and
other
judicial
personnel,
the
administration
of
fugitive
operations,
the
management
of
criminal
assets,
the
operation
of
the
United
States
Federal
Witness
Protection
Program
and
the
Justice
Prisoner
and
Alien
Transportation
System,
the
execution
of
federal
arrest
warrants,
and
the
protection
of
senior
government
officials
through
the
Office
of
Protective
Operations.

According
to
NBC,
the
database
involving
the
Witness
Security
Program,
commonly
known
as
the
witness
protection
program,
was
not
impacted
by
the
incident.

“The
U.S.
Marshals
Service
suffered
a
security
breach
over
a
week
ago
that
compromises
sensitive
information,
multiple
senior
U.S. law
enforcement
officials said
Monday.”

reported
NBC.

The
agency
confirmed
that
the
system
infected
with
the
ransomware
contains
law
enforcement-sensitive
information.

“The
affected
system
contains
law
enforcement
sensitive
information,
including
returns
from
legal
process,
administrative
information,
and
personally
identifiable
information
pertaining
to
subjects
of
USMS
investigations,
third
parties,
and
certain
USMS
employees,”
spokesperson
Drew
Wade
told
NBC.

According
to
NBC
News,
senior
department
officials
classified
the
security
breach
as
a
major
incident.”

Follow
me
on
Twitter:

@securityaffairs
and

Facebook
and

Mastodon

Pierluigi Paganini

(SecurityAffairs –

hacking,
ransomware)

Share
On

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts