Have you ever thought about the possibility of your city attempting to alert you about an approaching hurricane/fire/emergency, but you never received any alerts on your cell? Well, that very thing transpired, after hackers broke into the OnSolve CodeRED service. CodeRED is used by many cities to deliver emergency notifications in the United States.
I personally thought that was an incredible tragedy for a service that was created to keep citizens safe, to fail completely based on one cyberattack. It makes one reconsider, if we are too reliant on a single system?
According to the CodeRED provider, the system had to be decommissioned and removed entirely due to the cyberattack.
Additionally, hackers obtained thousands of records belonging to CodeRED customers including the following ID profile information:
They stated that they compromised the system in early November and locked it down from public use. After not receiving the required payment from the company, the hackers started releasing evidence of the hacking in the form of real user data.
Now, many places are attempting to implement new systems, but they must have people sign up all over again, as the old contact lists have likely been erased.
In summary, this is a very serious and complicated situation.
I personally thought that was an incredible tragedy for a service that was created to keep citizens safe, to fail completely based on one cyberattack. It makes one reconsider, if we are too reliant on a single system?
So, Here’s What Happened
One set of hackers accessed CodeRED and created an enormous outage, resulting in no communications from local Law Enforcement Agencies (LEAs), Fire Departments (FDs), or Government Entities across the nation, to warn citizens, regarding an incident.According to the CodeRED provider, the system had to be decommissioned and removed entirely due to the cyberattack.
Additionally, hackers obtained thousands of records belonging to CodeRED customers including the following ID profile information:
- Full Names
- Mailing Addresses
- Phone Numbers
- Email Addresses
- Access Passwords
Who Was Responsible For This?
The hacking group INC Ransom made a statement indicating that they were the perpetrators.They stated that they compromised the system in early November and locked it down from public use. After not receiving the required payment from the company, the hackers started releasing evidence of the hacking in the form of real user data.
What Are The Consequences Of These Attacks?
Examples of states impacted would be Colorado, Virginia, Missouri, Montana, Illinois and many more. Many cities had their access to CodeRED turned off, meaning that there were no weather alerts, evacuation notifications, or security alerts available.Now, many places are attempting to implement new systems, but they must have people sign up all over again, as the old contact lists have likely been erased.
In summary, this is a very serious and complicated situation.
What To Do If You Used CodeRED Alert System
If you have registered with the Code Red notification system, take the following steps immediately:- Change your password for your Code Red account
- Once your local jurisdiction gives you instructions to sign up again, follow those instructions.
- Create multiple warnings using more than one source for emergency alerts, i.e. local news stations, local government websites, etc.