The U.S. Marshals Service suffered a security breach over a week ago that compromises sensitive information, multiple senior U.S. law enforcement officials said Monday.
In a statement Monday, U.S. Marshals Service spokesperson Drew Wade acknowledged the breach, telling NBC News: “The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”
Wade said the incident occurred Feb. 17, when the Marshals Service "discovered a ransomware and data exfiltration event affecting a stand-alone USMS system."
The system was disconnected from the network, and the Justice Department began a forensic investigation, Wade said.
He added that on Wednesday, after the agency briefed senior department officials, "those officials determined that it constitutes a major incident.”
The investigation is ongoing, Wade said.
A senior law enforcement official familiar with the incident said the breach did not involve the database involving the Witness Security Program, commonly known as the witness protection program. The official said no one in the witness protection program is in danger because of the breach.
Nevertheless, the official said, the incident is significant, affecting law enforcement sensitive information pertaining to the subjects of Marshals Service investigations.
The official said the agency has been able to develop a workaround so it is able to continue operations and efforts to track down fugitives.