article featured image


According to multiple senior U.S. law enforcement officials, the U.S. Marshals Service suffered a security breach more than a week ago, leading to sensitive information being compromised.

U.S. Marshals Service spokesperson, Drew Wade, said that the incident occurred on February 17, when the service discovered a “ransomware and data exfiltration event affecting a stand-alone USMS system.”

What Information Was Stolen?

In a statement released Monday, Drew Wade told NBC News that the affected systems contained sensitive information such as returns from legal processes, administrative information, and PII of subjects of USMS investigations, employees, and third parties.

After discovering the hack, the Marshals Service disconnected the affected system, and the Department of Justice initiated a forensic investigation.

The Breach Is Considered a “Major Incident”

The Department of Justice determined that the breach “constitutes a major incident”, which is an incident considered significant enough that it requires a federal agency to inform the Congress about it.

According to a senior law enforcement official familiar to the incident, the breach did not affect the database containing information on the Witness Security Program, also known as the witness protection program. The official ensured that no one in the witness protection program is at risk due to the breach.

The incident however is still significant, affecting law enforcement sensitive information pertaining to the subjects of Marshals Service investigations.

Since the incident, the agency has been able to develop a workaround to allow them to continue its operations and efforts to track down the responsible threat actors. Nonetheless, the Justice Department’s investigation into the incident is still ongoing.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Cristian Neagu


linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

Leave a Reply

Your email address will not be published. Required fields are marked *