US Marshals Service says it's the victim of a 'major' ransomware attack
The intruders reportedly compromised sensitive data.
Federal law enforcement is once again dealing with a cybersecurity breach. The US Marshals Service (USMS) reports that it suffered a serious ransomware attack on February 17th. The perpetrators compromised sensitive data on a stand-alone system, including personally identifiable info for some USMS employees, third parties and the targets of investigations.
We've asked the USMS for comment. The agency tells CNBC that it disconnected the affected system from the network after discovering the attack, and that the Justice Department has launched an investigation. Senior officials briefed on the ransomware determined it was a "major" event on February 22nd.
The service hasn't identified potential culprits or named any impacted divisions or programs. A CNBC source claims the ransomware didn't touch the Witness Security Program. The USMS has reportedly created a workaround to maintain its activities, including hunting fugitives.
Word of the breach comes just over a week after the FBI said it "contained" a security incident on its network. Ransomware has also been problematic for various levels of government and public institutions in the past several months. The city of Oakland went so far as to declare a state of emergency in February following an incursion, while Los Angeles' Unified School District also reeled from a digital heist last fall.
The US government has escalated its fight against ransomware in the past two years. It brought 30 countries together to address ransomware in 2021, and recently succeeded in disrupting a major ransomware group that stole hundreds of millions of dollars from victims. However, the USMS breach suggests that the battle is far from over.