The U.S. Marshals Service suffered a security breach over a week ago that resulted in the compromise of sensitive information, multiple senior U.S. law enforcement officials said Monday.
In a statement Monday, U.S. Marshals Service (USMS) spokesperson Drew Wade acknowledged the breach, telling NBC News: "The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."
Wade said the incident occurred on Feb. 17, when the Marshals Service "discovered a ransomware and data exfiltration event affecting a stand-alone USMS system."
After the ransomware was discovered the system was disconnected from the network and the Justice Department began a forensic investigation, Wade said.
Read more from NBC News:
He added that on Feb. 22, after the agency briefed senior department officials on the incident, "those officials determined that it constitutes a major incident."
The investigation is ongoing, Wade said.
A senior law enforcement official familiar with the incident said the breach did not involve the database involving the Witness Security Program, commonly known as the witness protection program. The official said no one in the witness protection program is in danger due to the breach.
Nevertheless, the official said, the incident is significant and contains law enforcement sensitive information pertaining to the subjects of Marshals Service investigations.
The official said that the agency has been able to develop a workaround so that it's able to continue operations and efforts to track down fugitives.