U.S. Marshals Service Suffers Data Breach, Hackers Allege Stealing Top-tier Confidential Files
Hackers Strike Again: US Marshals Service Data Breached
Some unscrupulous types, going by the name Hunters International, are causing a stir in the cyber world, and not in a good way. They claim to have stolen over 380 gigabytes of top-secret documents and records from the US Marshals Service!
Images of allegedly stolen files have surfaced on Hunters International's data leak site, as reported by cybersecurity firm Hackmanac. The data, amounting to over 327,000 files, includes confidential gang files, active case records, and electronic surveillance documents. The hacking group has set an ominous deadline of August 30 for a ransom to be paid.
In addition to the allegedly swiped gang and case files, which seem to contain suspect headshots and other personal info, Hunters International has also posted documents it claims are from "Operation Turnbuckle". Media outlets in upstate New York reported on a marshals operation by the same name in 2022, leading to the arrest of more than a dozen drug trafficking suspects.
The US Marshals Service endured a crippling ransomware attack in February of 2023, causing some of its systems to be inaccessible for months. It's unknown whether the data currently in question is connected to this breach, said Sofia Scozzari, CEO of Hackmanac. Researchers first identified Hunters International as a threat group in October 2023, eight months after the USMS ransomware attack.
The agency maintains that the allegations are unfounded, stating, "USMS is aware of the allegations and has evaluated the materials posted by individuals on the dark web, which do not appear to derive from any new or undisclosed incident."
Hunters International is an infamous group that deals in ransomware-as-a-service. They sell malware that infects a target's system, encrypts the files, and then extorts a fee to return access. Interestingly, while they've encrypted files in previous thefts, they haven't made such a claim in connection to the USMS data.
As Scozzari explains, Hunters International seems more concerned with earning a profit than with furthering political agendas. "It's obvious that for Hunters, data equals money, and their main focus is maximizing profits. The more sensitive the stolen data, the greater the chances of receiving a substantial payment."
Update: This article was updated on August 27, 2024, to include a statement received after publication from the US Marshals Service.
- The technology-savvy hackers, known as Hunters International, have allegedly stolen over 380 gigabytes of sensitive data from the US Marshals Service, including confidential gang files, active case records, and electronic surveillance documents.
- The federal agency, the US Marshals Service, endured a crippling ransomware attack in February 2023, causing some of its systems to be inaccessible for months, but it's unknown whether the current data breach is connected to this incident.
- The hacking group Hunters International has posted documents it claims are from "Operation Turnbuckle", a marshals operation that led to the arrest of more than a dozen drug trafficking suspects in upstate New York in 2022.
- Hunters International, an infamous group known for ransomware-as-a-service, has set an ominous deadline of August 30 for a ransom to be paid, suggesting they might sell the stolen gigabytes of data for a profit rather than furthering any political agenda.