The US Marshals Service (USMS), a division of the Department of Justice, is calling out “significant” ransomware (opens in a new tab) Attack in which sensitive employee data may have been obtained.
Department spokesman Drew Wade confirmed the incident, which he said occurred on Feb. 17 and was a “ransomware and data breach impacting a stand-alone USMS system.”
The system has been disconnected from the wider USMS network while the organization investigates the aftermath. Apparently, employee data was stolen as well as sensitive data on departmental work.
unknown threat actor
“The affected systems contained law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information related to USMS respondents, third parties, and certain USMS employees,” Wade said.
Beep computer Sources “close to the incident” confirmed that the attackers did not have access to the department’s Witness Protection Database, the witness security file information system, the report said.
Other details are scant as the investigation continues. At this time, it’s unclear who the group is behind the attack, how much they’re asking for in exchange for a decryption key, or how they managed to infiltrate the USMS system.
What we do know is that this is not the USMS’s first cyber incident. Back in 2020, Beep computer As a reminder, the department released the details of more than 380,000 former and current inmates, including their names, birthdays, postal addresses and social security numbers.
In this incident, attackers managed to compromise one of the USMS’ public-facing servers, called DSNet. The servers were handling the housing and movement of prisoners, the report said.
Law enforcement agencies in the United States are frequently targeted by malware operators. Just a week ago, the Federal Bureau of Investigation (FBI) was reported to have suffered a cyber attack in which the computer systems of the FBI’s New York field office, which is used to investigate child sexual exploitation cases, were compromised.
pass: Beep computer (opens in a new tab)
