The breach allegedly poses no risk to those in the witness protection program
The US Marshals Service has suffered a significant cyber attack which targeted a system containing “sensitive information,” the federal policing agency said, deeming the hack a “major incident.”
Marshals Service spokesman Drew Wade confirmed the breach on Monday, telling NBC News the attack occurred on February 17 and involved a ransomware attack on a “stand-alone USMS system.”
“The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees,” Wade said, adding that the Justice Department has launched a “forensic investigation.”
The spokesman noted that the system was disconnected from the wider network during the attack, but nonetheless said senior officials had “determined that it constitutes a major incident” following briefings last week.
A senior law enforcement official reached by NBC clarified that the hack did not affect any systems involved with the Witness Security Program, which is overseen by the Marshals Service. The program ensures witnesses facing potential threats of violence are protected before, during and after legal proceedings. The official added that the security breach was “significant” given that it could have revealed information about ongoing Marshals Service investigations.
The service faced another major hack in 2020, which targeted a system used to track the movement of prisoners held in the Marshals’ custody, forcing the agency to notify nearly 400,000 inmates that their personal information may have been stolen, including their names, dates of birth, home addresses and even social security numbers.