What is the alleged data breach involving the U.S. Marshals Service (USMS) reported by Hunters International?

The ransomware group Hunters International claims to have exfiltrated approximately 386 GB of highly sensitive and classified data from USMS systems. The gang alleges the data includes passports, identification documents, aerial footage, wiretapping details, and documents marked 'SECRET' and 'TOP SECRET.'

What types of data does Hunters International claim to have stolen from USMS?

Hunters International claims to have stolen 386 GB of data comprising 327,268 files, including copies of passports, aerial footage of military bases, wiretapping details, information on convicts and gang leaders, and documents marked as 'SECRET' and 'TOP SECRET.'

Has USMS experienced similar incidents in the past?

Yes, in February 2023, USMS confirmed that a stand-alone system was compromised in a ransomware attack that exposed sensitive law enforcement information. Additionally, in May 2020, USMS accidentally exposed personal data of over 387,000 former and current inmates, including names, dates of birth, addresses, and Social Security numbers.

Incident

Hunters International Ransomware Gang claims breach US Marshals Service, they deny

Q: How has the U.S. Marshals Service (USMS) responded to the breach claims by Hunters International?

USMS officials have disputed the authenticity of the breach, stating that the information posted by Hunters International does not appear to stem from any recent or undisclosed incident. The agency reviewed the materials posted on the dark web and confirmed that the data does not seem to be from a new breach.

Q: Is there any indication that the data claimed by Hunters International was previously compromised?

Yes, there is evidence suggesting that the data Hunters International claims to have stolen may have been previously compromised. In March 2023, a hacker known as 'Tronic' listed similar data on a Russian-speaking hacking forum. It is unclear if Tronic is associated with Hunters International or if the group acquired the data from a secondary source.

published: Aug. 27, 2024

Learn More

Tthe U.S. Marshals Service (USMS) was named as a victim by the ransomware group Hunters International on the group’s dark web data leak site. The cybercrime gang claims to have exfiltrated approximately 386 GB of highly sensitive and classified data from USMS systems.

However, USMS officials dispute the authenticity of the breach, stating that the information posted by the gang does not appear to stem from any recent or undisclosed incident.

Hunters International, claims to have obtained 386 GB of data comprising 327,268 files. Screenshots released by the gang allegedly depict stolen files containing:

Copies of passports and identification documents.
Aerial footage and photographs of military bases and other high-security areas.
Wiretapping and surveillance details involving U.S. citizens.
Information on convicts, gang leaders, and drug cartels.
Documents marked "SECRET" and "TOP SECRET."

This incident is not the first time the USMS has been targeted. In February 2023, USMS confirmed that a stand-alone system was compromised in a ransomware attack that exposed sensitive law enforcement information.

Furthermore, in May 2020, USMS accidentally exposed personal data of over 387,000 former and current inmates, including names, dates of birth, home addresses, and Social Security numbers.

There is evidence suggesting that the data Hunters International claims to have stolen may have been previously compromised. In March 2023, a hacker known as “Tronic” listed similar data on a Russian-speaking hacking forum, which included sensitive information from USMS systems. It is currently unclear if Tronic is directly associated with Hunters International or if the group acquired the data from a secondary source and is now attempting to resell it.

A USMS spokesperson confirmed that the agency is aware of the claims made by Hunters International. The agency has reviewed the materials posted on the dark web but stated that the data does not appear to be from a new incident.

Hunters International Ransomware Gang claims breach US Marshals Service, they deny

Read More
Hacker group doxxes U.S. federal officials in data …
Kuwait’s Ministry of Health reports cyberattack
Regional Financial Management Information System of Indonesia breached
Contra Costa Transit Authority reports data breach
Whitehorse City Council reports data breach involving OracleCMS