Crisis24 hit by network compromise
Incident
Summary
Hide ▲
Show ▼
The OnSolve CodeRED platform suffered a cyberattack that disrupted emergency notification systems for state and local governments and public safety agencies across the United States. Crisis24 decommissioned the legacy CodeRED environment after the attack, interrupting emergency alerts and related warnings. The compromise also led to theft of names, addresses, email addresses, phone numbers, and passwords from CodeRED profiles. Crisis24 is rebuilding the service from a March 31, 2025 backup, and some accounts may be missing.
Related Happenings
OnSolve CodeRED user data theft and sale claim
Data Leak
First: 26.11.2025 18:15
Last: 26.11.2025 18:15
Sources 1
How related:
Stolen data includes:
Names, addresses and email addresses
Phone numbers
Passwords linked to CodeRED user profiles
About this happening:
The **OnSolve CodeRED** data theft is escalating into a **for-sale leak** claim, raising the risk that **names, addresses, email addresses, phone numbers, and passwords** will spr...
OnSolve CodeRED user data theft and sale claim
Data LeakHow related: Stolen data includes: Names, addresses and email addresses Phone numbers Passwords linked to CodeRED user profiles
About this happening: The **OnSolve CodeRED** data theft is escalating into a **for-sale leak** claim, raising the risk that **names, addresses, email addresses, phone numbers, and passwords** will spr...
LockBit September 2025 multi-region ransomware campaign
Campaign
First: 24.10.2025 18:15
Last: 24.10.2025 18:15
Sources 1
About this happening:
**LockBit** returned in a **renewed ransomware campaign** that hit **at least a dozen organizations** in **September 2025**. The activity spanned **Western Europe, the Americas an...
LockBit September 2025 multi-region ransomware campaign
CampaignAbout this happening: **LockBit** returned in a **renewed ransomware campaign** that hit **at least a dozen organizations** in **September 2025**. The activity spanned **Western Europe, the Americas an...
LockBit ransomware return with 5.0 and 3.0 attacks
Malware Activity
First: 24.10.2025 18:15
Last: 24.10.2025 18:15
Sources 1
About this happening:
**LockBit** resurfaced in active **ransomware** operations in **September 2025**, with at least a dozen victims hit and a mix of **LockBit 5.0** and **LockBit 3.0/LockBit Black**...
LockBit ransomware return with 5.0 and 3.0 attacks
Malware ActivityAbout this happening: **LockBit** resurfaced in active **ransomware** operations in **September 2025**, with at least a dozen victims hit and a mix of **LockBit 5.0** and **LockBit 3.0/LockBit Black**...
Timeline
-
26.11.2025 18:15 1 articles · 6mo ago
INC Ransom claims responsibility for OnSolve CodeRED compromise
Attribution UpdateINC Ransom claimed responsibility for the OnSolve CodeRED compromise, said it accessed OnSolve systems on November 1 and encrypted files on November 10 after ransom talks failed, and said it is selling stolen files that include customer data and clear-text passwords.
Show sources
- Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System — www.infosecurity-magazine.com — 26.11.2025 18:15
-
25.11.2025 23:48 1 articles · 6mo ago
Crisis24 hit by network compromise
Initial Disclosure**Crisis24** confirmed a **cyberattack** on the **OnSolve CodeRED platform** that disrupted emergency alerts for public agencies across the **United States**. The immediate response was to decommission the legacy environment and begin restoring service from backups.
Show sources
- OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide — www.bleepingcomputer.com — 25.11.2025 23:48