Maryland health agency offline after cyberattack

The Maryland Department of Health took many IT systems offline, including its main website, in response to a cyberattack.
Maryland residents receive the Moderna COVID-19 vaccine through the Anne Arundel County Department of Health at a community COVID-19 vaccination clinic at the Metropolitan United Methodist Church March 23, 2021 in Severn, Maryland. (Win McNamee / Getty Images)

The Maryland Department of Health over the weekend took many of its IT systems offline, including its main website, in response to a cyberattack, the agency said Sunday night.

An agency spokesperson told StateScoop that state officials are investigating alongside federal law enforcement. Officials have not specified what type of malicious activity caused the outage.

“The Maryland Security Operations Center is investigating a network security incident involving the Maryland Department of Health,” the MDH spokesperson, Andy Owen, said in an emailed statement. “The Maryland Department of Information Technology, the Maryland Department of Health, and the Maryland Department of Emergency Management are working closely with federal and state law enforcement partners to address the incident and to gather additional information. Certain systems have been taken offline out of an abundance of caution and other precautions have and will be taken.”

Owen also said that “potentially affected” employees and partners are being informed if they were impacted by the incident, which was first reported by the Washington Post.


People who try to go to the Maryland Health Department’s website are redirected to Owen did not respond to questions about whether the incident affected the agency’s COVID-19 response services, although the state’s website for booking vaccines and diagnostic testing appeared to be online Monday morning.

Many of the department’s other services, including Medicaid enrollment and information about health and long-term care facilities, remain offline.

UPDATE, Dec. 7: The Maryland Department of Health’s website was restored Monday evening. While officials said the “incident appears to have affected some of our partners,” including local health agencies, there were no indications any data had been compromised.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts