Emergency Alert Systems Across US Disrupted Following OnSolve CodeRED Cyberattack

Emergency notification systems are the backbone of public‑safety communications, enabling governments, police forces, and first‑responders to disseminate urgent alerts via SMS, email, push notifications, and voice calls. As municipalities increasingly migrate these services to cloud‑based platforms, the convenience of real‑time reach is balanced against heightened exposure to cyber threats. OnSolve’s CodeRED has been a staple for many U.S. jurisdictions, making its recent disruption a stark reminder of the sector’s reliance on a single vendor for critical event messaging.

The attack on OnSolve was orchestrated by the ransomware collective INC Ransom, which publicly claimed responsibility and posted screenshots of compromised data on a Tor leak site. The breach stripped the legacy CodeRED environment of user profiles, including names, addresses, phone numbers, and passwords, raising immediate concerns about credential reuse across other services. Compounding the damage, the company’s most recent backup was more than six months old, meaning all alerts and account changes made during that period are effectively erased. This loss not only hampers ongoing emergency operations but also erodes trust among clients who depend on uninterrupted service.

For public agencies, the incident triggers a reassessment of vendor security postures and business‑continuity planning. Douglas County’s decision to sever ties with CodeRED illustrates a growing willingness to abandon legacy contracts when data privacy and operational reliability are at stake. The broader market may see accelerated adoption of multi‑vendor strategies, enhanced encryption standards, and stricter compliance checks for emergency‑alert providers. As regulators and municipalities prioritize resilience, vendors will need to demonstrate robust backup regimes, rapid incident response, and transparent communication to retain confidence in the critical infrastructure ecosystem.