- OnSolve’s former CodeRED platform was hit by a cyber attack that claimed the INC Ransomware
- The hack forced Crisis24 to rebuild using outdated backups, causing permanent loss of accounts and data.
- The Douglas County Sheriff’s Office and 911 agency stopped working with CodeRED, citing citizen privacy concerns.
OnSolve, a cloud-based critical incident and mass notification platform, recently suffered a highly disruptive cyberattack that forced the company to decommission its old CodeRED environment and upgrade to a new version, resulting in the loss of sensitive data and even a business customer.
OnSolve is a service that enables businesses to send urgent alerts and notifications via SMS, phone, email, push notifications and more. It is used by national and local authorities, police and other emergency services. CodeRED is the platform that makes this service possible.
Crisis24, the company behind OnSolve and CodeRED, recently informed its customers of an “attack led by an organized group of cybercriminals” and said that data related to the former OnSolve CodeRED platform had been “deleted from our systems.” He stressed there was no evidence the data had been published online, but added there was a good chance it could be leaked.
The FBI has been notified
“It appears that the affected data set may contain contact information for OnSolve CodeRED users: name, address, email address, phone number, and/or associated passwords used to create user profiles for alerts,” the notice said.
“If users use the same password for other personal or business accounts, those passwords should be changed immediately.”
The attack forced Crisis24 to rebuild its service using a backup. However, since the backup is more than six months old, accounts and data generated during that time appear to have been permanently lost.
The attack was claimed by a ransomware operator called INC Ransom, who created a new post on its Tor data breach site and added screenshots showing OnSolve customer data.
At the same time, it is Douglas County Sheriff’s Office and the Douglas County Emergency Board decided to cut all ties with CodeRED and begin looking for a replacement.
“Our top priority is the privacy and protection of our citizens, which has led to the decision to terminate our agreement with CodeRED,” he said in a press release.
IN BeepTeam