US law enforcement officials disclosed Monday that the US Marshals Service suffered a security breach over a week ago that compromises sensitive information.
In a statement to NBC News, US Marshals Service spokesperson Drew Wade said, “The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”
Wade added that on Feb. 17 the Marshals Service “discovered a ransomware and data exfiltration event affecting a stand-alone USMS system.”
The breach was revealed on the same day CISA Director Jen Easterly warned that cyber intrusions “can do real damage to our nation—leading to theft of our intellectual property and personal information.”
Wade also noted that the system was disconnected from the network, the Department of Justice began an investigation, and senior department officials, “determined that it constitutes a major incident.”
A senior law enforcement official told the outlet that the breach did not involve the database involving the witness protection program, formally known as the Witness Security Program.
However, the official noted that the breach affected information pertaining to the subjects of Marshals Service investigations.
According to CBS, under US policy, all “major incidents” are considered to be “significant cyber incidents” if likely to result in “demonstrable harm to US national security, foreign relations or the economy, or to the public confidence, civil liberties, or the public health and safety of the American people.”
The outlet noted that federal agencies are required to report “major incidents” to Congress within seven days of identification.