The US Marshals Service suffered a security breach over a week ago that compromised sensitive information, multiple senior US law enforcement officials said Monday.
In a statement Monday, US Marshals Service spokesperson Drew Wade acknowledged the breach, telling NBC News: “The affected system contains law enforcement sensitive information, including returns from legal processes, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”
Wade said the incident occurred Feb. 17, when the Marshals Service “discovered a ransomware and data exfiltration event affecting a stand-alone USMS system.”
The system was disconnected from the network, and the Justice Department began a forensic investigation, Wade said.
He added that on Wednesday, after the agency briefed senior department officials, “those officials determined that it constituted a major incident.”
The investigation is ongoing, Wade said.
A senior law enforcement official familiar with the incident said the breach did not involve the database involving the Witness Security Program, commonly known as the witness protection program. The official said no one in the witness protection program is in danger because of the breach.
Nevertheless, the official said, the incident was significant, affecting law enforcement sensitive information pertaining to the subjects of Marshals Service investigations.
The official said the agency has been able to develop a workaround so it is able to continue operations and efforts to track down fugitives.
Zoë Richards contributed.