Officials at the US Marshals Service (USMS) said on Monday that the breach compromised sensitive law enforcement information.

The attack was described as a "major incident" that only targeted the USMS.

The US Department of Justice is investigating the breach, an agency spokesperson said.

The ransomware attack was discovered on 17 February, the USMS said.

"Shortly after that discovery, the USMS disconnected the affected system, and the Department of Justice initiated a forensic investigation," said Drew Wade, spokesperson for the US Marshals Service.

Mr Wade said that hackers were able to access sensitive data, like law enforcement information on ongoing legal procedures, personal information of some employees, and information about wanted fugitives.

But the witness protection programme was not compromised, a senior official told CNN.

The USMS is overseen by the Department of Justice, who deemed the breach a "major incident" on 22 February.

Under US policy, this classification means that the breach likely caused harm to US national security, foreign relations, or to the public confidence, civil liberties or the public health and safety of Americans.

Mr Wade said the Department continues to look into the breach and that remediation efforts are ongoing.

"We are working swiftly and effectively to mitigate any potential risks as a result of the incident," he said.