CodeRED Alert: Cyberattack Chaos or Crisis Averted?

The CodeRED platform, used by government agencies for emergency alerts, faced a cyberattack, forcing its shutdown. Crisis24 scrambled to inform agencies, but some were left in the dark. Meanwhile, the Inc ransomware gang claimed responsibility, rejected a ransom offer, and leaked data. Government agencies reeled from the CodeRED attack, emphasizing immediate password changes.

3P
Published: December 1, 2025 9:57 pmAdded: December 1, 2025 at 2:31 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

In a plot twist more unexpected than finding out your grandma is a secret gamer, the beloved emergency notification system CodeRED was hit by a cyberattack, causing chaos just as people were gearing up to give thanks. Turns out, the system was as secure as a wet paper bag. Who knew that the only thing more disastrous than Aunt Karen’s pumpkin pie would be a ransomware attack that left everyone scrambling for backup plans? But hey, at least now your spam folder can double as a thriller novel with all those “urgent” alerts from mysterious senders.

Key Points:

  • The CodeRED emergency notification platform was decommissioned after a cyberattack.
  • The Inc ransomware gang claimed responsibility and attempted ransom negotiations.
  • Government agencies expressed frustration over the disruption.
  • Subscribers’ sensitive data, including passwords, might have been compromised.
  • Customers are being urged to change passwords and enable MFA.

Gobble Gobble: Cyber Trouble

Just when you thought your biggest Thanksgiving worry was how to avoid talking politics with Uncle Bob, Crisis24 drops the bombshell that their CodeRED platform was hit by a cyberattack. The voluntary system, used by government agencies to alert residents about emergencies, was forced offline due to a ransomware attack by the notorious Inc gang. With files encrypted, the platform’s servers felt as stuffed as a turkey, leaving government agencies scrambling to issue alerts through alternative means.

Ransom Notes and Rejected Offers

The Inc ransomware gang, probably feeling as smug as a cat that caught the canary, claimed responsibility for the attack on their Dark Web site. They reportedly accessed CodeRED’s environment on November 1st and started encrypting files by November 10th, right before the holiday madness. Crisis24 tried to negotiate by offering a $100,000 payment, but the gang said, “Thanks, but no thanks,” and decided to auction off the stolen data instead. It’s like a Black Friday sale, but with a lot more doom and gloom.

Government Agencies in a Gravy Boat Without a Paddle

Government agencies, caught off guard by the sudden shutdown, didn’t hold back their frustration. Weld County’s Public Safety Communications Department in Colorado was particularly vocal, expressing discontent over a lack of updates. Meanwhile, in Douglas County, the sheriff’s office went full-on break-up mode and terminated its relationship with CodeRED, citing concerns over citizen privacy. It’s safe to say that the holiday spirit was not exactly thriving in these counties.

The Password Predicament

As if things weren’t bad enough, it turns out that Inc’s leaked data samples showed passwords in plain text, which is about as secure as leaving your keys under the doormat. Subscribers’ names, email addresses, and passwords were potentially compromised, making them ripe targets for further cyber shenanigans. GardaWorld suggested that anyone who reused their CodeRED password elsewhere should change it immediately, which is like suggesting you might want to get a new lock if you’ve been using a skeleton key for your front door.

Sound the Alarm: Time for Digital Vigilance

In the aftermath of the attack, local governments are urging residents to take immediate action. Sioux City, for instance, advised subscribers to update any accounts that shared the same password as their CodeRED login, and to enable multifactor authentication where possible. It’s the cybersecurity equivalent of double-locking your doors after a neighborhood break-in. With the threat actors potentially using stolen data for further nefarious acts, it’s a timely reminder that digital diligence is no joke.

In conclusion, the CodeRED cyberattack has served as a sobering reminder of the vulnerabilities in our digital infrastructure. As government agencies scramble to patch things up, residents are left to ponder the irony that the only warning they didn’t get was about the very platform responsible for issuing them. Whether you call it a wake-up call or just another day in the digital age, one thing’s for sure: it might be time to put cybersecurity on the Thanksgiving menu next year.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?