Security News > 2023 > February > US Marshals Service leaks ‘law enforcement sensitive information’ in ransomware incident
The US Marshals Service, the enforcement branch of the nation's federal courts, has admitted to a "Major" breach of its information security defenses allowed a ransomware infection and exfiltration of "Law-enforcement sensitive information".
NBC broke news of the incident, which Marshals Service spokesperson Drew Wade described as having impacted a system that "Contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."
The Register has asked the Service to confirm reports of the incident and to detail the nature of the attack, the duration of the incident, what remediations have been implemented, and whether systems have been restored.
The incident adds another to a long list of recent, serious, breaches of US government security.
That shame file includes the 2015 leak of four million employee records and data describing millions more people from the Office of Personnel Management, plenty of SolarWinds-related attacks in 2020, the July 2021 breach of the Federal Courts, the Iranian use of the Log4J vulnerability to attack US government targets, and the compromise of the US Cyber Ambassador's Twitter account in February 2023.
US government agencies have often struggled to implement guidance from Washington, as we discovered when NASA's auditor reported that the space agency has not hit deadlines to develop a proper software asset management plan.
News URL
Related news
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Troubled US insurance giant hit by extortion after data leak (source)
- Ransomware fiends boast they've stolen 1.4TB from US pharmacy network (source)
- US charges Phobos ransomware admin after South Korea extradition (source)
- Phobos ransomware administrator faces US cybercrime charges (source)
- Russian suspected Phobos ransomware admin extradited to US over $16M extortion (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)