Risk management company Crisis24 has confirmed its OnSolve CodeRED platform suffered a cyberattack that disrupted emergency notification systems used by state and local governments, police departments, and fire agencies across the United States.
The CodeRED platform enables these agencies to send alerts to residents during emergencies.
The cyberattack forced Crisis24 to decommission the legacy CodeRED environment, causing widespread disruption for organizations that use the platform for emergency notifications, weather alerts, and other sensitive warnings.
In statements and an FAQ shared with impacted customers, Crisis24 says its investigation found that the attack was contained to the CodeRED environment and did not affect any of its other systems.
However, they have confirmed that data was stolen from the platform during the attack. This stolen information includes names, addresses, email addresses, phone numbers, and passwords used for CodeRED user profiles.
Crisis24 tells customers that they have seen no indication that the stolen data has been publicly published.
"CodeRED has informed us that while there are indications that data was taken from the system, at this time, there is no evidence that this information has been posted online," warned an announcement by the City of University Park, Texas.
Because the attack damaged the platform, Crisis24 is rebuilding its service by restoring backups to a newly launched CodeRED by Crisis24 system. However, the available data is from an earlier backup on March 31, 2025, so accounts will likely be missing from the system.
Numerous counties, cities, and public safety agencies nationwide have reported on the cyberattack and disruption, stating that they are working to restore emergency alert systems for their residents.
INC Ransom gang claims responsibility
... continue reading