The CodeRED emergency alert platform recently suffered a major cyberattack that forced the company to shut down its entire older system. CodeRED is widely used across the United States to send important emergency notifications like weather warnings and evacuation alerts. Because of the attack, the legacy platform became unusable and had to be taken offline immediately. This caused disruptions for many cities and counties that depend on it.
The company behind the service, Crisis24, confirmed that the attack was targeted and carried out by an organized cybercriminal group. They reported that the intruders gained access earlier in November and later encrypted critical files. This damage made it impossible for the system to keep functioning normally. As a result, Crisis24 had no option but to start rebuilding CodeRED from scratch.
During the cyberattack, the hackers stole sensitive user data stored in the CodeRED environment. The information taken may include names, home addresses, email IDs, phone numbers, and even passwords. Some of these passwords were reportedly stored in plain text, increasing the threat of misuse. The attackers later posted samples of this stolen data on an online leak site.
Investigators identified the hacking group as INC Ransom, based on the evidence the attackers themselves shared. The group published screenshots showing the data they had accessed to prove their involvement. These posts confirmed that the breach had exposed real user information. This further raised concerns among the agencies that rely on CodeRED for public safety alerts.
Because of the extent of the damage, Crisis24 permanently shut down the old CodeRED system. They confirmed that the breach was limited to that legacy environment and did not spread to other systems. The company is now rebuilding the platform on new and more secure infrastructure. A fresh version of CodeRED is being prepared for use by local agencies.
Many local governments faced challenges after the system went down unexpectedly. Agencies had to rely on backup communication methods like websites, media outlets, or social media pages. Some emergency departments even decided to end their contracts with CodeRED due to security concerns. They announced that they would begin looking for safer alternatives.
Security experts advised all CodeRED users to change their passwords immediately as a safety measure. This is especially important for anyone who uses the same password on multiple platforms. Even though there is no confirmed misuse of the stolen information yet, the risk remains high. Users are urged to stay cautious of suspicious calls, texts, or emails.
Crisis24 has hired external cybersecurity specialists to investigate the full extent of the attack. Law-enforcement authorities, including federal agencies, have also been notified. The company says it is working to restore secure and reliable emergency services as soon as possible. Until the new system is fully active, residents are advised to follow other official channels for urgent updates.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
