The ransomware scourge has hit a computer system at the US Marshals Service. 

Details are scant, but senior officials at the federal law enforcement agency have concluded the breach “constitutes a major incident,” the agency tells PCMag in a statement. NBC News was first to report(Opens in a new window) the hack. 

The agency uncovered the intrusion on Feb. 17, when it discovered “a ransomware and data exfiltration event affecting a standalone USMS system.” That means the hackers stole information from the computer while planting malicious code capable of encrypting the data inside. 

In response, the US Marshals Service disconnected the computer system. However, the affected hardware holds data on the agency’s operations, which involve protecting federal judges and apprehending criminal fugitives. 

“The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees,” the agency says.

It’s unclear which ransomware gang targeted the US Marshals Service. The agency’s efforts to investigate and mitigate the data breach are ongoing. But the incident could prove to be damaging. Ransomware groups often threaten to publicly dump any confidential information they steal if victims refuse to give into their demands. In addition, some ransomware groups have suspected ties to the Russian government. 

It’s not the first time the US Marshals Service has suffered a breach. In 2019, a hacker exploited(Opens in a new window) a vulnerability to access a server containing information on 387,000 current and former inmates.

For more, check out What Really Happens In a Data Breach (and What You Can Do About It).