Hackers steal law enforcement data from US Marshals
In a major breach this month of ransomware into a computer system at the US Marshals Service, hackers stole sensitive and personally identifiable information about agency employees and targets of investigations, an agency spokesman said Tuesday.
The hacked system was disconnected from the network shortly after the breach and stolen data was discovered on February 17th. The Justice Department determined the incident was serious and launched an investigation as marshals are working “quickly and effectively” to contain any risks associated with the violation, agency spokesman Drew Wade said Tuesday.
The hack was first reported by NBC News.
The incident was the latest example of cybercriminals targeting a government agency in a ransomware conspiracy and raises questions about the Department of Justice’s cybersecurity protocols.
On February 17, CNN also reported that an FBI computer system had been broken into. It quoted unnamed sources as saying the system is located in the FBI’s New York field office. When asked about the intrusion, the bureau issued a statement describing the intrusion as “an isolated incident that has been contained.” It declined further comment, including the timing of the intrusion and whether ransomware was involved.
Ransomware attacks have become the world’s biggest cybersecurity problem. They have shut down everything from the UK postal service to Ireland’s national health network to the Costa Rican government. Schools, hospitals and local governments are routinely attacked.
The FBI and international law enforcement officials scored a victory last month when they at least temporarily disrupted a prolific ransomware gang and potentially saved $130 million in ransom payments.
In ransomware attacks, organized gangs break into computer networks and seed malware that paralyzes them by encrypting data. But before they activate the ransomware, they steal data. The criminals can then hold the data hostage even if the target quickly restores the affected network with backup data.
The hacked US Marshals system contains sensitive law enforcement information and personal data about investigation subjects and certain US Marshals employees, the agency said. It is tasked with tracking fugitives, transporting federal prisoners, protecting witnesses, and providing court security.
In May 2021, hackers targeted the largest fuel pipeline in the US, prompting operators to shut it down briefly and pay a multimillion-dollar ransom payment, most of which the federal government later recovered.
A hacker in December claimed to have violated an FBI-run outreach program that leaks sensitive information about national security and cybersecurity threats to public and private officials operating critical infrastructure across the United States.
Learn how to navigate and build trust in your organization with The Trust Factor, a weekly newsletter exploring what leaders need to succeed. Login here.
