The U.S. Marshals Service suffered a security breach a week ago that compromised sensitive information, several senior U.S. law enforcement officials said Monday.
In a statement on Monday, Drew Wade, a spokesman for the US Marshals Service, told NBC News: “The affected system contained information sensitive to law enforcement, including proceeds of law enforcement, administrative information and personally identifiable information about the subjects of USMS investigations. Parties and certain USMS employees.”
Wade said the incident occurred on February 17 when the Marshals Service “discovered a ransomware and data exfiltration event affecting private USMS systems.”
The computer was disconnected from the network, and the Department of Justice began a forensic investigation, Wade said.
On Wednesday, after the company briefed senior department officials, “those officials determined that it was a major incident,” he said.
Wade said the investigation is ongoing.
A senior law enforcement official familiar with the incident said the database breach involved the Witness Protection Program, commonly known as the Witness Protection Program. The official said no one in the witness protection program was at risk because of the breach.
Nonetheless, the incident is significant in that it affects vital law enforcement information regarding subjects of Marshal Service investigations.
The agency was able to work out a solution so that operations and efforts to trace the fugitives could continue, the official said.
