The US Marshals Service (USMS) has confirmed falling victim to a ransomware attack that resulted in the compromise of sensitive law enforcement information. On Monday, USMS Chief of Public Affairs Drew Wade said the incident was identified on February 17 and involved a standalone system that was disconnected from the network. The affected system contained law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information of subjects of USMS investigations, third parties, and certain USMS employees.
USMS is treating the attack as a major incident but has been able to continue operations, and no information related to the Witness Security Program was compromised. The Department of Justice has launched a forensic investigation into the ransomware attack. Ryan McConechy, senior consultant at Barrier Networks, commented that the information obtained in this breach will be highly sensitive and could be used in extortion, sold onto nation state actors, or even put the safety of US citizens at risk if their personal information is exposed.
The US Marshals Service is responsible for a variety of essential law enforcement activities and its protection of sensitive information is of utmost importance. The attack on its system highlights the need for organizations to have comprehensive security measures in place to protect their data and systems from malicious attacks.
In summary, the US Marshals Service confirmed that a ransomware attack resulted in the compromise of sensitive law enforcement information. USMS is treating the attack as a major incident, and the Department of Justice has launched a forensic investigation into the incident. The information obtained in this breach is highly sensitive and could be used for malicious purposes, emphasizing the need for organizations to have comprehensive security measures in place to protect their data and systems.
Key Points:
- The US Marshals Service (USMS) confirmed falling victim to a ransomware attack.
- The affected system contained law enforcement sensitive information and personally identifiable information.
- No information related to the Witness Security Program was compromised.
- The Department of Justice has launched a forensic investigation into the incident.
- The attack emphasizes the need for organizations to have comprehensive security measures in place.