Annapolis, MD (May 15, 2025) – Anne Arundel County Government and the Anne Arundel County Department of Health is providing notice of a recent event that may impact the confidentiality of information related to certain individuals who received treatment and related services at the Department of Health.
On February 22, 2025, the county became aware of suspicious activity affecting certain systems within the county’s computer network. The county immediately launched an investigation to confirm the full nature and scope of the activity with the assistance of industry-leading cybersecurity specialists, law enforcement partners, and relevant state agencies.
The ongoing investigation determined that the incident originated externally from a threat actor and was a ransomware attack. Further investigation confirmed that there was unauthorized access to a limited subset of the county’s network between January 28, 2025 and February 22, 2025, and that certain files within the network were accessed or downloaded without authorization during that time.
The county is working with technical consultants to undertake a comprehensive review to determine the information that may have been present in the potentially impacted files and to whom the information relates. At this time, the county cannot confirm how many individuals may be affected. While the investigation remains ongoing, the county is notifying potentially affected individuals by this media release and posting on our website. The county will directly notify any individuals identified as potentially impacted through the review process in the coming months.
The information that may have been present in the impacted files during the event varies by individual and could possibly have included: full name, address, and medical diagnosis or condition. There is no indication at this time that financial information was impacted.
As a precautionary measure, the county encourages individuals to remain vigilant against incidents of identity theft by reviewing account statements, credit reports, and explanations of benefits for unusual activity and to detect errors. Any suspicious activity should be promptly reported to one’s health care provider, insurance company, or financial institution.
The county takes this event and the security of the information in our care very seriously. As part of our ongoing commitment to information security, we are working with relevant stakeholders to update a range of privacy and security safeguards designed to enhance our existing protections.
Essential county services remained operational throughout the incident, and the county was able to return to full operations using existing information technology systems as well as some manual processes a few days after the incident began. Since that time, operations have returned to normal and there is no continued disruption to county services.
Individuals seeking information regarding the incident, incident updates, a list of FAQs and information on how they can help protect their personal information should visit aacounty.org/cyber-incident, or call 877-274-8983.