A cyberattack affecting the Maryland Department of Health (MDH) has been identified as a ransomware attack, Depts. The Ministry of Health and Information Technology confirmed this week.
The attack was initially described as a “cybersecurity incident” Detected December 4, 2021. It took the MDH website offline and led to the removal of resources such as pages that people could visit to apply for Medicaid or learn more about local nursing home safety. The incident also disrupted the state’s reporting of COVID-19 data.
Maryland’s chief information security officer Chip Stewart said in a Jan. 12 statement that while the investigation is ongoing, officials can confirm it was a ransomware attack. MDH was able to isolate and take control of its systems within hours of first detecting it, he said. He noted that at the time of publication, officials had not found any evidence of unauthorized access or access to national data.
Stewart said that as part of the containment process, MDH isolated its sites on the web from each other, external parties, the Internet and other national networks. Due to this approach, some services become unavailable while some remain offline.
“I want to make it clear: this is our decision, and it was a deliberate one, and it was a prudent and responsible thing to do to isolate and mitigate the threat,” he wrote in a statement. Stewart added that usually There may be pressure to quickly restructure services following a security incident. “We are recovering through careful action to minimise the potential for reinfection,” he said.
Read Stewart’s full breach disclosure Want to inquire more information.
