Ethical Hacking News
Global Emergency Alert System Disrupted by OnSolve CodeRED Cyberattack: A Cautionary Tale of Poor Cybersecurity Practices. A recent cyberattack on the OnSolve CodeRED platform has disrupted emergency notification services for multiple U.S. state and local governments, police, and fire agencies, highlighting the importance of robust cybersecurity practices in critical infrastructure sectors.
The recent cyberattack on OnSolve CodeRED alert platform highlights the importance of robust cybersecurity practices. A cybercriminal group, INC Ransom Group, claimed responsibility for the breach and demanded a ransom payment in exchange for restoring access to the system. The attack disrupted emergency notification services for multiple agencies, including the City of University Park, Texas, and may have compromised user data. OnSolve has announced its intention to decommission the affected platform and migrate to a new, more secure alert system. The incident emphasizes the need for organizations to prioritize their cybersecurity posture, invest in robust security measures, and maintain a culture of cybersecurity awareness among employees.
Cyberattacks have become an increasingly common occurrence in recent years, and their impact is being felt across various sectors, including emergency services. The recent disruption of the OnSolve CodeRED alert platform, which serves U.S. state and local governments, police, and fire agencies, serves as a stark reminder of the importance of robust cybersecurity practices.
OnSolve CodeRED is a cloud-based emergency alert system that enables users to quickly deliver critical notifications through various channels, including calls, texts, emails, and mobile alerts. The platform has been widely used by U.S. state and local governments to issue geo-targeted warnings during emergencies, thereby helping communities stay informed and respond rapidly.
However, in November 2025, a cyberattack on the OnSolve CodeRED platform disrupted emergency notification services for multiple agencies, including the City of University Park, Texas. The attack was attributed to a cybercriminal group known as the INC Ransom Group, which claimed responsibility for the breach. According to the attackers, they gained access to the infrastructure of OnSolve in November 2025 and encrypted their files, demanding a ransom payment in exchange for restoring access to the system.
The impact of the attack was significant, with multiple agencies reporting disruptions to their emergency services. The City of University Park, Texas, notified its residents of a cybersecurity incident affecting its third-party alert system, CodeRED, which may have compromised user data, including contact details and account passwords. Residents were advised to change reused passwords immediately.
The attackers also claimed that they had stolen data from the OnSolve infrastructure, including two CSV files containing sensitive information. The group published these files on a Tor leak site, further highlighting the severity of the breach.
OnSolve has since acknowledged the attack and announced its intention to decommission the affected CodeRED platform and migrate to a new, more secure alert system. The company has also engaged external experts for penetration testing and hardening to ensure the security of the new platform.
The incident highlights the importance of robust cybersecurity practices, particularly in critical infrastructure sectors like emergency services. Poor cybersecurity practices can have devastating consequences, including disruptions to essential services and potential breaches of sensitive user data.
In light of this incident, it is essential for organizations to prioritize their cybersecurity posture, invest in robust security measures, and maintain a culture of cybersecurity awareness among employees. The use of advanced threat intelligence tools, regular vulnerability assessments, and penetration testing can also help identify and mitigate potential security risks.
Furthermore, the incident underscores the need for standardization and cooperation among organizations and governments to address emerging cyber threats. The sharing of threat intelligence, best practices, and vulnerabilities can help improve cybersecurity posture and reduce the risk of similar attacks in the future.
In conclusion, the recent OnSolve CodeRED cyberattack serves as a stark reminder of the importance of robust cybersecurity practices in critical infrastructure sectors like emergency services. Organizations must prioritize their cybersecurity posture, invest in advanced security measures, and maintain a culture of cybersecurity awareness among employees to prevent similar breaches in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Global-Emergency-Alert-System-Disrupted-by-OnSolve-CodeRED-Cyberattack-A-Cautionary-Tale-of-Poor-Cybersecurity-Practices-ehn.shtml
https://securityaffairs.com/185075/cyber-crime/emergency-alerts-go-dark-after-cyberattack-on-onsolve-codered.html
Published: Wed Nov 26 05:41:55 2025 by llama3.2 3B Q4_K_M
