HQ/EMEAFind out how we can help your business
Researchers discovered that a malicious threat actor is selling stolen data from the recent US Marshals Service hack. Based on reports, the posted information includes hundreds of gigabytes worth of stolen data from the US Marshals Service (USMS) servers.
The compromised American agency is a Justice Department bureau that supports the federal justice system through executing federal court orders, seizing illegally obtained assets, assuring the safety of government witnesses, and more.
The hacker titled the alleged stolen data from the United States entity as “350GB from US Marshal Service (USMS) law enforcement confidential information,” added earlier this week on a Russian-speaking forum.
The seller claimed the database is worth $150,000 since it includes documents from file servers and work on computers from 2021 to February.
The US Marshals Service hack allegedly contains military information.
According to investigations, the information from the US Marshals Service hack includes aerial footage and pictures of military bases and high-security areas, details on wiretapping and surveillance of citizens, and copies of passports.
In addition, the file includes information on convicts, cartels, and gang leaders. The hacker also claimed that some stolen data archives are labelled TOP Secret. The threat actor also claims that the database contained details regarding witnesses in the witness protection program.
This sudden emergence of the alleged stolen data comes after the USMS confirmed last month that it has an ongoing investigation about a data exfiltration event that happened on the February 17 ransomware attack.
According to a USMS spokesperson, the data stolen in the recent incident could be considered a major incident since it includes USMS employees’ personally identifiable information.
Unfortunately, USMS revealed another data breach incident in May 2020 after it exposed details of over 380,000 former and current in a December 2019 campaign. The 2019 cyberattack stole inmate credentials such as names, dates of birth, home addresses, and social security numbers.
Lastly, the United States FBI also revealed a cybersecurity incident a couple of weeks ago that is an alleged isolated incident.
