Maryland real property search tool offline due to suspicious activity
Maryland real property search tool offline due to suspicious activity
Publish Date: 2026-04-20 13:23:00
Source Domain: www.heraldmailmedia.com
Using an unordered list, summarize the following article with between 4 and 8 key points. Updated April 20, 2026, 1:23 p.m. ETMaryland’s online real property search tool was taken offline after suspicious activity was detected.An investigation suggests that only public information was contained on the compromised systems.The website will remain down until the system is cleared for public use.Officials urge residents to avoid third-party sites for property records and to follow cybersecurity best practices.(This story was updated to include an April 20 update from the Maryland Department of Information Technology.)Maryland’s online real property search tool has been down for almost a week after state officials detected suspicious activity on servers running the search’s website application.The Maryland Department of Assessments and Taxation issued a news release Saturday, April 18, stating the Maryland Department of Information Technology detected the suspicious activity on Tuesday, April 14, and “quickly took the website offline to contain potential threats and conduct an investigation of the suspicious activity.”The page will stay offline until the system is cleared for public use. It remained down on Monday, April 20.Analysis from the information technology department’s Office of Security Management “suggests that all compromised systems contained only public information already accessible through the Real Property Search web application,” the release states.Among the data the online search tool allows the public to look up is property ownership by address and sale prices as well as recent property sales.Information technology department officials do “not anticipate a broader cybersecurity risk to the state at this time,” the April 18 release states.Late Monday morning, April 20, Department of Information Technology (DoIT) spokesperson Nathan Miller, in an email to The Herald-Mail, said there were no further updates.The department will bring the real property web application “back online once it has finished its investigation and ensured the Real Property system is secure,” he wrote.”At this time, analysis from DoIT’s Office of Security Management suggests that all compromised systems contained only public information already accessible through the Real Property web application and have not seen any evidence of private data being accessed or exfiltrated. DoIT does not anticipate a broader cybersecurity risk to the state at this time, and internal investigations are still ongoing.”In order to combat the increased threat of cyber attacks targeting systems in the public and private sector across the country, we are constantly working in partnership with state, federal, and third-party partners to further strengthen and harden online systems the public depends on,” Miller said.While the state real property search is down, those who need real property information can contact their local Real Property Assessment County Office.For Washington County, that office is at 3 Public Square in downtown Hagerstown or call 301-791-3050, fax 301-791-2925 or email [email protected]. Hours are 8 a.m. to 4:30 p.m. weekdays.For Wicomico County, that office is in the Salisbury District Court Multi-Service Center at 201 Baptist Street or call 410-713-3560, fax 410-713-3570 or email [email protected]. Hours are 8 a.m. to 4:30 p.m. weekdays.Watch out for scams: Why that Amazon product recall text is probably a scamMaryland officials suggest cybersecurity precautions for residentsAssessment officials, in the release, urge Marylanders and businesses to avoid third-party websites and unofficial links that claim to provide state property records because they might not be secure.The information technology department also shared cybersecurity best practices, including:Updating software on all devices. Regular updates ensure devices have the latest security features and patches.Recognizing phishing and suspicious websites. Phishing attempts include deceptive emails, texts or websites designed to trick people into revealing sensitive information such as passwords, financial details or personal data. They often mimic legitimate organizations such as banks and government agencies. Such emails, texts or websites might ask for personal info or prompt users to click on suspicious links. Do not enter personal data or click such links.Installing and maintaining endpoint protection. This involves installing a reputable endpoint protection solution on devices and keeping them up-to-date. Such tools help detect, block and remove malicious software, including viruses, ransomware and spyware before they can do harm. Look for options from well-known security vendors and make sure there are automatic updates and that real-time scanning is enabled. Regularly run scans on devices.Updating passwords. Use unique, complex passwords for personal and work accounts. Password managers make it easier to manage these.Enabling multi-factor authentication. This adds another layer of security by requiring multiple forms of verification to access an account.2026 Washington County high school spring sports centralThe FBI’s cybersecurity tips include examining the senders’ email addresses and website URLs. “Scammers often mimic a legitimate site or email address by using a slight variation in spelling. Or an email may look like it came from a legitimate company, but the actual email address is suspicious,” according to FBI.gov.Maryland investigating suspicious activity with property search tool
