Cyber Breach at U.S. Marshals Service Exposes 387,000 Individuals’ PII

A cyber intrusion that occurred at the U.S. Marshals Service in December 2019 exposed 387,000 individuals’ names, addresses, birth dates, and social security numbers to attackers, an agency spokesperson confirmed to MeriTalk yesterday.

According to the spokesperson, attackers were able to exploit a vulnerability in a server called DSNet. DSNet tracks the movement and housing of Marshals Service prisoners between the courts, the Bureau of Prisons, and within the Marshals Service.

CDM Central is going virtual for the June 2020 Conference Learn More

A cybersecurity monitoring tool alerted the Department of Justice’s Security Operations Center to the attack, but attackers were still able to extract the sensitive personally identifiable information on hundreds of thousands of individuals.

The spokesperson said that the Marshals Service and the Security Operations Center has taken action to prevent future attacks, including a comprehensive code review, correction, and testing of DSNet.

The U.S. Marshals Service is responsible for protecting the Federal judiciary, apprehending Federal fugitives, and transporting Federal prisoners.

Katie Malone
About Katie Malone
Katie Malone is a MeriTalk Staff Reporter covering the intersection of government and technology.

Categories

Recent