US Marshals Service hit with ransomware attack

The incident occurred on Feb. 17 according to a spokesperson.

February 27, 2023, 9:30 PM

The United States Marshals Service (USMS) was hit with a ransomware attack the agency said in a statement. The incident occurred on February 17, and "officials determined that it constitutes a major incident," according to an agency spokesperson.

Ransomware is a type of malware that locks up computer systems until a "ransom" is paid to unlock the system.

MORE: BOP finalizes moving inmates from private prisons

PHOTO: A man in handcuffs detained by US Marshals on an undated image shared by the Service. — A man in handcuffs detained by US Marshals on an undated image shared by the Service.
US Marshals Service

"Shortly after that discovery, the USMS disconnected the affected system, and the Department of Justice initiated a forensic investigation," according to the spokesperson. "The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."

The nation's oldest law enforcement agency did not say who was behind the attack nor did they say if they paid the ransom to unlock the affected system.

MORE: Expert calls ransomware ‘the defining cyber scourge of our time’

The government warns against paying the ransom.

The USMS released a statement regarding the ransomware attack acknowledging that a current investigation is underway. “The Department's remediation efforts and criminal and forensic investigations are ongoing. We are working swiftly and effectively to mitigate any potential risks as a result of the incident,” they said.