Starting Sunday through Monday midday, much the Maryland Department of Health website was taken offline due to a cyberattack. The breach was one of many that have occurred in the region in the past two years.

Since Sunday, the department’s website has been rerouted to Maryland.gov, and while many links are still working, dozens of MDH resources and services, including information about the Medicaid program, opioid data dashboard, are unavailable online. MDH’s COVID Link website, the Medicare open enrollment website, and Maryland’s Opioid Operational Command Center website appear to still be in operation.

The department’s website was taken offline “out of an abundance of caution and other precautions have and will be taken,” Andy Owen, a spokesperson for the department told DCist/WAMU in an email. Owen added that the state’s security operations center is working with state and federal law enforcement officials to investigate the incident and there is no evidence that data has been compromised.

“The investigation is ongoing, potentially affected employees and partners have been informed, and we will provide additional information as circumstances warrant,” Owen wrote.

Jim Lewis, a cybersecurity expert with the Center for Strategic and International Studies, told DCist/WAMU that ransomware is most likely the motive for this cyberattack.

“Most likely Russians are scoping out the value of a likely healthcare target,” Lewis said. “Less likely Chinese looking for data of intelligence value.”

Lewis pointed to the massive Russian ransomware attack over the summer when Russian hackers targeted IT management software company Kaseya, which may have affected as many as 1500 companies that use the product, according to Politico. In July, President Joe Biden said he would take “any action necessary” to defend the country’s critical infrastructure against Russian assaults.

“But then the question is: is a health care system like [MDH] considered critical infrastructure?,” Lewis said. “It’s open to interpretation, but there have been a lot of attacks on health care facilities because they tend to be vulnerable.”

Lewis adds there’s a possibility those responsible for the attack could return to access data or ask for money.

The attack isn’t the first in the region this year. In Oct. 2020, Montgomery County’s Inspector General raised the alarm about a data breach of information belonging to 529 child victims of sexual or physical abuse or neglect at the Tree House Child Advocacy Center in Rockville. And earlier this year, Russian foreign hackers claimed to have stolen, and then subsequently released to the public, 250 gigabytes of internal D.C. police data after negotiations over a ransom demand failed with D.C. government officials.

Owen said the Maryland Department of Health is working to get the site and data updates running again as soon as possible.