A ransomware attack on the US Marshals Service has affected a computer system containing “law enforcement sensitive information,” including personal information belonging to targets of investigations, a US Marshals Service spokesperson said Monday evening.
“The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees,” spokesperson Drew Wade said in a statement.
The Marshals Service, which handles federal prisoners across the US and pursues fugitives, discovered the hack and theft of data from its network on February 17. The service “disconnected the affected system, and the Department of Justice initiated a forensic investigation,” Wade said in the statement.
The Justice Department subsequently determined it “constitutes a major incident,” according to the statement. A “major incident” is a hack that is significant enough that it requires a federal agency to notify Congress.
A senior official familiar with the matter told CNN that no data related to the witness protection program was obtained during the incident.
The Justice Department’s investigation into the incident is ongoing.
NBC News first reported on the incident.
It’s at least the second significant malicious cyber incident to affect US federal law enforcement agencies in February.
The FBI had to move to contain malicious activity on part of its computer network earlier this month, CNN first reported at the time. FBI officials believe that incident involved an FBI computer system used in investigations of images of child sexual exploitation, two sources briefed on the matter told CNN.
There was no immediate indication that the US Marshals Service and FBI cyber incidents were related.