A February cyberattack compromised confidential data of patients who received care from the Anne Arundel County Department of Health, officials said.

For the first time Thursday, county officials offered greater detail about the breach that temporarily closed county government buildings and disrupted several services for residents.

Officials said in a news release that the county first became aware of the attack Feb. 22 and immediately commissioned an investigation into the extent of the breach “with the assistance of industry-leading cybersecurity specialists, law enforcement partners, and relevant state agencies.”

“The ongoing investigation determined that the incident originated externally from a threat actor and was a ransomware attack,” the county said, explaining that “a limited subset of the county’s network” was infiltrated between Jan. 28 and Feb. 22.

“Certain files within the network were accessed or downloaded without authorization during that time,” officials added.

In ransomware attacks, hackers typically penetrate a system, encrypt, or lock, the data and demand payment to release the information, according to experts.

Asked whether the county had paid hackers, spokesperson Renesha Alphonso said: “The investigation is still ongoing and due to the ongoing nature we can’t disclose that information at this time.”

Officials said the county is working with consultants to determine what was in the files that were compromised. It’s also still unclear, the county said, how many people’s information may have been affected.

It’s possible the hackers gained access to full names, addresses and medical diagnoses or conditions, according to the news release.

While the county said it does not appear as though financial information was compromised, officials encouraged residents to “remain vigilant against incidents of identity theft by reviewing account statements, credit reports, and explanations of benefits for unusual activity and to detect errors.”

“Any suspicious activity should be promptly reported to one’s health care provider, insurance company, or financial institution,” the county added.

Saying the county takes the cyberattack and residents’ private information “very seriously,” officials said they were working with “relevant stakeholders” to enhance the county’s privacy and security safeguards.

County Executive Steuart Pittman, a Democrat, included a $4.3 million year-over-year increase for the government’s “very complex IT systems” in his proposed budget.

“After falling behind for many years,” Pittman told the County Council May 1, “our county is catching up, with a newly integrated enterprise-wide system, with a Land Use Navigator that gives communities and developers the transparency and accountability they’ve been seeking, and dozens of other projects that are making systems more responsive, more efficient, and more secure.”