The US Marshals have been hit by a major ransomware attack

>

The US Marshals Service (USMS), a sector within the Department of Justice, has been hit by what it describes as a “major” ransomware (opens in new tab) attack, which may have compromised sensitive employee data.

Department spokesman Drew Wade confirmed that the incident, which he says occurred on Feb. 17, was a “ransomware and data exfiltration event that compromised a standalone USMS system.”

That system has since been disconnected from the wider USMS network as the organization investigates the aftermath. Apparently, personnel data has been compromised, along with sensitive data about the department’s work.

Unknown threat actors

“The affected system contains sensitive information for law enforcement, including legal process reports, administrative information, and personally identifiable information related to subjects of USMS investigations, third parties, and certain USMS employees,” said Wade.

Beeping computer reported that sources “close to the incident” confirmed that the attackers did not have access to the department’s Witness Security Files Information System – the witness protection database.

As the investigation continues, other details are scarce. At this time, it is not known which group is behind the attack, how much money they demand in exchange for the decryption key, or how they managed to infiltrate the USMS systems.

What we do know is that this is not USMS’s first cyber incident. Back in 2020, Beeping computer recalls, the department has released the details of more than 380,000 former and current inmates, including their names, birthdays, mailing addresses and social security numbers.

In the incident, the attackers managed to breach one of USMS’s public servers, called DSNet. These servers handled the housing and movement of prisoners, the report said.

Law enforcement organizations in the United States are often in the crosshairs of malware operators. Just a week ago, it was reported that the FBI was the victim of a cyber attack that compromised a New York Field Office computer system used by the FBI to investigate cases of child sexual exploitation.

Through: Beeping computer (opens in new tab)

Related Post