Ransomware Group Says It Infiltrated US Marshals Service Systems; Agency Disputes That

A hacking group claims it hit the U.S. Marshals Service (USMS) in a major cyberattack. However, USMS, the agency responsible for apprehending fugitives and protecting witnesses, is disputing that claim.

A ransomware group known as Hunters International says it hit the servers of USMS and stole 380 gigabytes of data, including confidential and top-secret documents, as well as records about gangs, active cases, and electronic surveillance.

The data is said to be listed on the dark web with accompanying pictures of some of the 327,000 files stolen. The hackers reportedly set an August 30 deadline for ransom to be paid.

However, a statement to Gizmodo, USMS spokesperson Brady McCarron disputed the claims. 

“USMS is aware of the allegations and has evaluated the materials posted by individuals on the dark web, which do not appear to derive from any new or undisclosed incident,” said McCarron.

Previous Attack

This is not the first time USMS has been in the news for cybersecurity issues.

In February 2023, the agency was hit with a ransomware attack that exposed sensitive information, including employee data and information on fugitives and law enforcement investigations.

In that attack, USMS opted not to pay ransom and instead shut down its computer system. It took about ten weeks to fully restore the computers. 

No one took credit for the 2023 attack.

For its part, Hunters International is connected to the now defunct Hive ransomware group, which was disbanded by the Federal Bureau of Investigation (FBI) in January 2023. According to Gizmodo, Hunters bought the Hive malware and made it more effective.

“It is clear that for Hunters, data is money and the group’s main focus is maximizing profits” rather than any political motivation, said Sofia Scozzari, the CEO of Hackmanac. “In this regard, the more sensitive the stolen data, the greater the chances of receiving a large payment