The US Marshals Service Gets Hacked

The US Marshals Service (USAMS)is an agency within the Department of Justice is responsible for pursuing fugitives and handling federal prisons in the US has been hit by a ransomware attack.  The federal agency, best known for its work in tracking down and capturing fugitives wanted by law enforcement  has notified the US government of the breach.

According to the sources, the USMS suffered a major ransomware attack two weeks ago that has compromised some of its most sensitive information, including law enforcement materials, the personal information of employees and the potential targets of federal investigations.

The US Department of Justice is investigating the breach and this cyber-attack is considered a "major incident" by officials and has hit a particular system within the service and the attack was discovered on 17th February "Shortly after that discovery, the USMS disconnected the affected system, and the Department of Justice initiated a forensic investigation," a spokesman told reporters.

The hackers were able to obtain administrative data, like personal information of certain employees, and about wanted fugitives, as well as information on unidentified third parties. The affected system also contained sensitive law enforcement information, including about ongoing legal procedures.

Officials at the Department of Justice, which oversees the USMS, deemed the cyber breach a "major incident" on Feb. 22, following a briefing by the Marshals Service. Under US policy, major incidents are considered to be "significant cyber incidents" deemed likely to result in demonstrable harm to US national security, foreign relations or the economy, or to the public confidence, civil liberties, or the public health and safety of the American people. 
Federal agencies are required to report "major incidents" to Congress within seven days of identification.

The Marshalls Department's recovery efforts are continuing, alongside a forensic investigation. "We are working swiftly and effectively to mitigate any potential risks as a result of the incident," the spokesman said. 

CBS:      BBC:      Reuters:     Guardian:     NBC:     Security Week:  

You Might Also Read:

US Federal Court Court IT Systems Breached:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Banning Ransomware Payments - Will It Work? 
New US National Cyber Security Strategy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cloud Credential Council (CCC)

Cloud Credential Council (CCC)

The CCC is a leading provider of vendor-neutral certification programs that empower IT and business professionals in their digital transformation journey.

Cipher Security

Cipher Security

Cipher Security provides unique robustness tests and penetration tests, as well as customizable development services for vendors and providers.

National Authority for Electronic Certification and Cyber Security (AKCESK)

National Authority for Electronic Certification and Cyber Security (AKCESK)

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

Indeed

Indeed

Indeed is a worldwide employment-related search engine for job listings covering job types in all industries, including cybersecurity.

Cybersecurity Collaboration Forum

Cybersecurity Collaboration Forum

The mission of the Cybersecurity Collaboration Forum is to foster information security communication and idea sharing across the C-Suite, enabling leaders to better protect their enterprises.

Neuvoo

Neuvoo

Neuvoo is one of the largest job sites in the world. Our mission is to centralize all jobs available on the web, whether they come from company websites, staffing agencies or job boards.

BrandSecurity

BrandSecurity

BrandSecurity is a Russian company which specializes in providing services to protect brands on the Internet (rapid detection and prevention of illegal use of intellectual property).

TAG Cyber

TAG Cyber

TAG Cyber's mission is to provide world-class cyber security research, advisory, and consulting services to enterprise security teams around the world.

Systems Assessment Bureau (SAB)

Systems Assessment Bureau (SAB)

Systems Assessment Bureau is an internationally recognized ISO Certification Body with a unique vision of “Excel together with global standards”.

Cyphere

Cyphere

Cyphere is a cyber security company that helps to secure most prized assets of a business. We provide technical risk assessment (pen testing/ethical hacking) and managed security services.

National Cyber Coordination & Command Centre (NC4) - Malaysia

National Cyber Coordination & Command Centre (NC4) - Malaysia

NC4 is established as a center for dealing with cyber threats and crisis at the national level in Malaysia.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

Amidas Hong Kong

Amidas Hong Kong

Amidas is your trusted companion on the road to Digital Transformation. We provide a full range of Information Technology Solutions and Professional Services to Enterprise customers.

Spike Reply

Spike Reply

Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.