It has now been revealed that earlier last week the U.S. Marshals Service (USMS), a law enforcement agency operating under the Department of Justice, fell victim to a major security breach from hackers which may have leaked compromising information on numerous individuals involved with the agency. The USMS is responsible for the operation of the Witness Protection Program, and many at first worried that people involved in the program may have been potential targets of the attack. This has, however, been determined not to be the case, and it has been revealed that the information leaked would have mostly pertained to senior law enforcement officials. Investigators still consider it to be a ‘major’ breach, and an investigation is currently ongoing.
NBC NEWS: U.S. Marshals Service suffers ‘major’ security breach that compromises sensitive information, senior law enforcement officials say
By Andrew Blankstein, Michael Kosnar, Jonathan Dienst and Tom Winter; February 27, 2023
The U.S. Marshals Service suffered a security breach over a week ago that compromises sensitive information, multiple senior U.S. law enforcement officials said Monday.
In a statement Monday, U.S. Marshals Service spokesperson Drew Wade acknowledged the breach, telling NBC News: “The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”
Wade said the incident occurred Feb. 17, when the Marshals Service “discovered a ransomware and data exfiltration event affecting a stand-alone USMS system.”
The system was disconnected from the network, and the Justice Department began a forensic investigation, Wade said.
He added that on Wednesday, after the agency briefed senior department officials, “those officials determined that it constitutes a major incident.”
The investigation is ongoing, Wade said.
A senior law enforcement official familiar with the incident said the breach did not involve the database involving the Witness Security Program, commonly known as the witness protection program. The official said no one in the witness protection program is in danger because of the breach.
Nevertheless, the official said, the incident is significant, affecting law enforcement sensitive information pertaining to the subjects of Marshals Service investigations.
The official said the agency has been able to develop a workaround so it is able to continue operations and efforts to track down fugitives.
Photo: Andrew Kelly/Reuters