Maryland Dept. of Health Responds to Ransomware Attack

An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.

Dark Reading Staff, Dark Reading

January 14, 2022

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A cyberattack affecting the Maryland Department of Health (MDH) has been confirmed a ransomware attack, the Depts. Of Health and Information Technology confirmed this week.

The attack, first described as a "network security incident," was detected on Dec. 4, 2021. It took the MDH website offline and led to the removal of resources such as the pages people can access to apply for Medicaid or learn more about local nursing home safety. The incident also disrupted the state's reporting of COVID-19 data.

Maryland CISO Chip Stewart released a statement on Jan. 12 to say while an investigation is still ongoing, officials can confirm it was a ransomware attack. MDH was able to isolate and contain its systems within hours of first detecting it, he said. At the time of publishing, officials had not identified any evidence of the unauthorized access to, or acquisition of, State data, he noted.

As part of the containment process, MDH isolated its websites on the network from one another, external parties, the Internet, and other State networks, Stewart said. Due to this approach, some services became unavailable, and some are still offline.

"I want to be clear: this was our decision and a deliberate one, and it was the cautious and responsible thing to do for threat isolation and mitigation," he wrote in a statement. Often after a security incident, there can be pressure to quickly reconstitute services, Stewart added. "We are recovering with deliberate action to minimize the likelihood of reinfection," he said.

Read Stewart's full breach disclosure for more information.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights