A ransomware attack has struck Anne Arundel County's government systems in Annapolis, Maryland, disrupting multiple public services and compromising sensitive data. County officials detected the cyber intrusion on February 22, 2025, attributed to the INC ransomware group.
While emergency services remain accessible through 911 and 311 systems, the county's computer-aided dispatch (CAD) system used by first responders went offline at 9:45 a.m., affecting call management capabilities. Emergency dispatching continues to function despite these limitations.
County administrators received notifications that several terabytes of data have been exposed on a dark web blog. The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have launched investigations into the incident.
This attack adds to Maryland's growing list of cyber incidents. Frederick Health experienced a ransomware attack in January 2025 that forced its emergency department to redirect ambulances and halt new patient admissions. In 2019, Baltimore City faced an $18 million recovery bill after refusing ransom demands from the RobinHood ransomware group.
The Anne Arundel County government has not revealed whether it plans to engage with the attackers' demands. As cybersecurity experts warn of increasing threats to public infrastructure, this incident highlights the ongoing vulnerabilities faced by local governments and healthcare facilities in Maryland.