The U.S. Marshals Service reported a cyber intrusion that put potentially sensitive law enforcement information at risk, the agency acknowledged Monday.
Agency spokesman Drew Wade said the ransomware incident targeting a “stand-alone” system was discovered Feb. 17, prompting officials to “disconnect” its operation while launching an investigation into what authorities described as a “major incident.”
“The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees,” Wade said.
Justice Department officials were briefed Feb. 22, and an investigation is ongoing, though the breach did not extend to the agency’s sensitive Witness Security program, officials said.
The highly secretive witness protection program has provided new identities to more than 19,000 witnesses and their family members, since the program began in 1971, according the agency.
The breach was first reported Monday by NBC News.
