惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
T
The Blog of Author Tim Ferriss
S
SegmentFault 最新的问题
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 司徒正美
T
Tailwind CSS Blog
The Cloudflare Blog
The Last Watchdog
The Last Watchdog
PCI Perspectives
PCI Perspectives
博客园 - 聂微东
Stack Overflow Blog
Stack Overflow Blog
TaoSecurity Blog
TaoSecurity Blog
云风的 BLOG
云风的 BLOG
C
Cybersecurity and Infrastructure Security Agency CISA
O
OpenAI News
Recorded Future
Recorded Future
GbyAI
GbyAI
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
量子位
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
F
Full Disclosure
Recent Announcements
Recent Announcements
Vercel News
Vercel News
S
Schneier on Security
H
Heimdal Security Blog
Cisco Talos Blog
Cisco Talos Blog
V2EX - 技术
V2EX - 技术
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
B
Blog RSS Feed
宝玉的分享
宝玉的分享
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy & Cybersecurity Law Blog
T
Threat Research - Cisco Blogs
G
Google Developers Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
爱范儿
爱范儿
IT之家
IT之家
大猫的无限游戏
大猫的无限游戏
C
Check Point Blog
N
Netflix TechBlog - Medium
S
Security @ Cisco Blogs
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Microsoft Azure Blog
Microsoft Azure Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cyberwarzone
Cyberwarzone

Consumer Insights

Coca-Cola halts Fairlife production across US after ransomware attack Qantas data breach started with a fake IT support call Lidl warns customers after data breach How to find out if your identity has been exposed by infostealers Texas breach exposes PII of 3 million hunting and fishing license customers Maine forced to take down data breach portal after fake notices filed with authorities Carnival breach exposes data of nearly 6 million people 7-Eleven data breach exposes data of 185,000 people UK Water Supplier Fined Nearly £1 Million After Hackers Roamed Networks for Almost 2 Years DAEMON Tools Lite breach prompts urgent update after malware-laced installer Instructure confirms breach; millions of Canvas users potentially impacted Stalkerware data leak exposes private screenshots linked to celebrities and influencers Hackers claim to have breached Udemy, stealing 1.4 million user records Rituals data breach exposes customer details Booking.com says breach exposed travelers’ data Basic-Fit data breach exposes member information across Europe Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data Lapsus$ claims AstraZeneca breach exposes code and credentials Aura data breach exposes 900,000 records after phishing attack Telus Digital data breach confirmed after ShinyHunters claims 1PB theft Was Your Data Exposed in the Latest Under Armour Breach? Here’s What You Should Do Breach at Tinder, Hinge and OkCupid exposes user data Europe Fines Big Tech €1.2 Billion under GDPR in 2025 European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data European Space Agency Confirms New Data Breach; Classified Info May Have Been Stolen Rainbow Six Siege Servers Offline After Massive Breach Floods Accounts with Billions of R6 Credits 21,000 Nissan Customers Exposed After Third-Party Server Breach Spotify Catalog Scraped, 300TB Music and Metadata Dumped via Torrent University of Sydney Confirms Data Breach Affecting Thousands Leroy Merlin Breach Alert: French Customers Notified After Cyberattack Exposes Personal Data
CodeRED Emergency Alerts Disrupted Across US After Ransomware Breach
Vlad CONSTANTINESCU · 2025-11-28 · via Consumer Insights

Multiple US communities scramble for alternatives after a cyberattack cripples a major emergency system.

Widespread outages hit local emergency notifications

A ransomware attack on Crisis24, the vendor behind the CodeRED emergency alert system, has left towns and cities across the United States without a core public-warning tool. CodeRED is widely used to push urgent notifications for severe weather, public safety incidents, missing persons and other critical situations.

In the aftermath of the intrusion, many municipalities issued nearly identical advisories confirming the system was offline and advising residents to expect emergency information through temporary channels.

The disruption proved severe enough for some jurisdictions to sever ties with Crisis24 entirely. Douglas County, Colorado, announced that it had terminated its CodeRED contract and is seeking alternative vendors. Others, however, indicated a willingness to stay with the company as it prepares to deploy a rebuilt version of the platform.

Crisis24 promises a clean slate platform

According to notices sent to customers, Crisis24 is rushing through the rollout of a revamped CodeRED system hosted in a separate environment untouched by the threat actors. The company said the new platform underwent a full security audit, penetration testing and infrastructure hardening before being proposed as a replacement.

City officials in University Park, Texas, doubled down on the company’s reassuring stance, stating that they were in the process of migrating their alert capabilities, emphasizing their commitment to resident data protection. In the meantime, affected communities fell back on social media posts, reverse 911 phone calls and even door-to-door notifications when necessary.

Stolen data and stronger password warnings

Although CodeRED itself was taken offline, the perpetrators reportedly accessed a broad range of customer data, including:

  • Full names
  • Addresses
  • Phone numbers
  • Email addresses
  • Account passwords

Several municipalities urged residents who created CodeRED accounts to change any reused passwords immediately to prevent credential-stuffing attacks.

Crisis24’s own FAQ section confirmed that only CodeRED was affected by the security incident, adding that it has no evidence of broader compromise. However, it also warned that stolen data may surface online despite the lack of early signs of leakage.

INC ransomware group claims responsibility

The INC ransomware gang has taken credit for the intrusion and published samples of stolen data on its leak site. The group also posted what appear to be fragments of negotiation logs, showing an initial ransom demand of $950,000, which was later reduced to $450,000. Crisis24 allegedly countered with offers of $100,000 and later $150,000, both of which were rejected.

The threat actors claim they gained access on Nov. 1 and deployed encryption on Nov. 10. With negotiations stalled, they now say they will sell the stolen information. Crisis24 maintains it is supporting all affected localities to keep emergency communications online during the transition.

Strengthening personal security after data breach

In the wake of breaches where names, emails and contact details fall into criminal hands, residents and organizations may also want to strengthen their visibility over how their personal data circulates online.

Bitdefender Digital Identity Protection can help monitor for leaked information across data dumps, dark-web marketplaces and other high-risk sources, alerting you the moment your identity appears in a breach.