The US Marshals Service has revealed that it suffered a breach that has exposed sensitive information, including administrative data and personally identifiable information of those under investigation by the service. The breach took place on 17 February and involved the discovery of ransomware and data exfiltration on a standalone USMS system.
The system was disconnected from the network, and a forensic investigation was launched by the Justice Department. Officials confirmed that the database that holds the Witness Security Program was not involved in the breach, so no witnesses were put at risk. However, the incident has been classified as a major incident, and an investigation is ongoing.
The US Marshals Service is responsible for tracking down and capturing fugitives, and the breach has the potential to seriously hamper these efforts. The agency has been able to develop a workaround to keep the system operational, but officials have warned that the incident has compromised sensitive law enforcement data pertaining to US Marshals Service investigations.
The use of ransomware by cyber criminals is increasing, and the incident is the latest in a long line of ransomware attacks on critical infrastructure in the United States. Ransomware is a type of malware that encrypts data, rendering it inaccessible to its owners. Cyber criminals then demand payment in exchange for the key to unlock the data.
The FBI has urged companies to report such incidents immediately to help law enforcement agencies investigate and prosecute cyber criminals.
