The US Marshals Service (USMS) was hit by a ransomware attack that resulted in the theft of sensitive law enforcement data, NBC News reported.
According to US Marshals Service spokesperson Drew Wade, the incident took place on February 17 when the agency “discovered a ransomware and data exfiltration event affecting a stand-alone USMS system. The breach is said to have affected a USMS system that holds law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and some USMS employees.
The impacted system was disconnected from the network, the investigation into the breach regarded as “major incident” is still ongoing.
A senior law enforcement official familiar with the matter told NBC that the incident did not affect the database involving the Witness Security Program (aka WITSEC or the witness protection program). The agency has been able to develop a workaround so it is able to continue operations.