Threat actors claim they're selling 350GB of sensitive information, such as wiretap data and photos of military bases, stolen from the US Marshals Service (USMS).
A malicious actor posted an ‘advert’ on a Russian-language cybercrime forum, announcing sale of what it said was a USMS data haul. The author claims the dataset includes drone videos of military bases, passports, and IDs, as well as information about convicts, witnesses, drug cartels, and other sensitive details.
In February 2023, USMS announced it was hit by a major ransomware attack, compromising sensitive information on known fugitives, legal proceedings, and USMS employees. However, at the time, the policing body said no data on individuals in the witness protection program was exposed.
No ransomware syndicate has taken credit for the attack so far.
US Marshals have the broadest arrest mandate among federal law enforcement agencies. They are empowered to help state and local authorities find and apprehend the most violent fugitives nationwide.
The forum post was uploaded from a one-day-old account. The author did not provide any data samples as proof, but claimed the information dates from 2021 to February this year.
The threat actors claiming the theft have put a $150,000 price tag on the dataset, which supposedly includes files marked "Top Secret" and backdoor software for Apple devices.
More from Cybernews:
Subscribe to our newsletter