Arundel County officials disclosed a ransomware attack targeting its Health Department between January 28 and February 22, potentially exposing sensitive patient data. Malicious actors infiltrated the network and may have stolen names, addresses, and medical conditions of individuals served by the department. While no evidence suggests financial data (e.g., bank details, credit cards) was compromised, the breach raises concerns over privacy violations and identity theft risks due to the exposure of personal and health-related information. The county is collaborating with technical consultants to identify affected files and notify impacted individuals. This incident follows a broader trend of cyberattacks in the Baltimore region, including a separate February breach affecting Baltimore City Public Schools and the State’s Attorney’s Office, where Social Security numbers, passport details, and driver’s license numbers of employees, contractors, and students were exposed. The Arundel County attack underscores vulnerabilities in public health infrastructure, particularly the risks of ransomware-driven data exfiltration in sectors handling highly sensitive personal records.
Source: https://www.scworld.com/brief/ransomware-likely-compromised-baltimore-countys-health-data
TPRM report: https://www.rankiteo.com/company/aahealth
"id": "aah5182551120125",
"linkid": "aahealth",
"type": "Ransomware",
"date": "1/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'healthcare',
'location': 'Baltimore, Maryland, USA',
'name': 'Arundel County Department of Health',
'type': 'government (health department)'},
{'customers_affected': ['employees',
'contractors',
'volunteers',
'students'],
'industry': 'education',
'location': 'Baltimore, Maryland, USA',
'name': 'Baltimore City Public Schools',
'type': 'government (education)'},
{'customers_affected': ['employees',
'contractors',
'volunteers'],
'industry': 'legal',
'location': 'Baltimore, Maryland, USA',
'name': "Baltimore City State's Attorney's Office",
'type': 'government (legal)'}],
'data_breach': {'data_exfiltration': 'likely (evidence of theft)',
'personally_identifiable_information': ['names',
'addresses',
'medical conditions',
'Social Security '
'numbers (in related '
'attacks)',
'passport information '
'(in related attacks)',
"driver's license "
'numbers (in related '
'attacks)'],
'sensitivity_of_data': 'high (medical conditions, PII)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'protected health information '
'(PHI)']},
'date_detected': '2024-02-22',
'description': "Officials at Baltimore's Arundel County disclosed that data "
'belonging to patients served by its Health Department may '
'have been stolen following a ransomware attack earlier this '
'year. Infiltration of the Arundel County Department of '
"Health's network from January 28 to February 22 may have "
"allowed malicious actors to pilfer individuals' names, "
'addresses, and medical conditions. The county is working with '
'technical consultants to determine the scope of the breach. '
'No evidence suggests financial details were compromised. This '
'incident follows a broader February cyberattack affecting '
"Baltimore City Public Schools and the Baltimore City State's "
"Attorney's Office, exposing personal details like Social "
"Security numbers, passport information, and driver's license "
'numbers.',
'impact': {'data_compromised': ['names', 'addresses', 'medical conditions'],
'identity_theft_risk': 'high (potential exposure of PII)',
'payment_information_risk': 'low (no evidence of financial data '
'compromise)',
'systems_affected': ['Arundel County Department of Health '
'network']},
'initial_access_broker': {'high_value_targets': ['patient health records'],
'reconnaissance_period': '2024-01-28 to 2024-02-22'},
'investigation_status': 'ongoing (working with technical consultants to '
'determine scope)',
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'CBS Baltimore'}],
'regulatory_compliance': {'regulations_violated': ['potential HIPAA (for '
'Health Department)',
'potential state data '
'breach laws']},
'response': {'incident_response_plan_activated': True,
'third_party_assistance': ['technical consultants']},
'title': 'Ransomware Attack on Arundel County Department of Health',
'type': ['ransomware', 'data breach']}