A sophisticated ransomware attack by the INC Ransom group has crippled the OnSolve CodeRED emergency notification platform, impacting hundreds of US municipalities. The incident has forced the permanent decommissioning of the legacy system and exposed the personal data of millions of residents.
A significant cyberattack on real estate finance vendor SitusAMC has compromised corporate and customer data, impacting major US banks including JPMorgan Chase, Citi, and Morgan Stanley. The FBI is now investigating the breach, which affects the sensitive data of residential mortgage holders.
NVIDIA’s staggering 57 billion quarter didn’t just calm the market, it rewrote the AI story. What looked like a bubble unwind now looks like a misread. With sovereign AI deals, a Saudi megacentre and a global capex surge, NVIDIA has reset the race and reminded investors this era is only beginning.
A sophisticated ransomware attack by the INC Ransom group has crippled the OnSolve CodeRED emergency notification platform, impacting hundreds of US municipalities. The incident has forced the permanent decommissioning of the legacy system and exposed the personal data of millions of residents.
Cyber News Centre's cyber update for 25th November 2025: OnSolve, the operator of the widely used CodeRED emergency notification system, has been crippled by a ransomware attack, forcing the platform to be permanently decommissioned.
OnSolve provides the CodeRED mass notification system used by hundreds of municipalities across the United States to send emergency alerts, such as tornado warnings and evacuation notices, directly to residents' phones. The platform is a critical piece of public safety infrastructure for communities nationwide.
The Update: A sophisticated cyberattack has crippled the OnSolve CodeRED emergency notification platform, impacting hundreds of municipalities across the United States and potentially exposing personal information of millions of residents. The incident, which began in early November 2025, has forced OnSolve to permanently decommission its legacy CodeRED infrastructure and migrate customers to a new platform. The INC Ransom group has claimed responsibility for the attack, which they say resulted in the theft of user data including names, addresses, phone numbers, and passwords. In a statement, OnSolve's parent company, Crisis24, confirmed that data was removed from their systems and that it may be leaked.
The company stated, "Our forensic analysis continues to indicate that this is an incident strictly contained within the OnSolve CodeRED environment with no contagion beyond."
The attack has left many communities without a critical emergency communication tool while they transition to the new system.
Why it Matters: The successful attack on a nationwide emergency alert system highlights a significant and growing threat to critical public safety infrastructure. The compromise of CodeRED demonstrates that even systems designed to protect citizens in moments of crisis are vulnerable to sophisticated ransomware attacks. The potential leak of personal data for millions of people who signed up for these alerts erodes public trust in government-provided services. This incident forces a difficult conversation about the security of third-party vendors that provide critical services to government agencies and the cascading impact these breaches can have on public safety and personal privacy.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
A significant cyberattack on real estate finance vendor SitusAMC has compromised corporate and customer data, impacting major US banks including JPMorgan Chase, Citi, and Morgan Stanley. The FBI is now investigating the breach, which affects the sensitive data of residential mortgage holders.
A ransomware attack crippled Pennsylvania’s Attorney General office, exposing sensitive data including names, Social Security numbers and medical details. Inc Ransom claimed responsibility after exploiting a Citrix vulnerability that disrupted systems for weeks.
Somalia's government has confirmed a major data breach of its electronic visa system, exposing the sensitive personal information of over 35,000 travellers. The incident has prompted warnings from the US and UK, raising serious concerns over digital infrastructure security.
GlobalLogic has confirmed that the Clop ransomware group stole the personal and financial data of more than ten thousand current and former employees after exploiting critical vulnerabilities in Oracle’s E Business Suite platform.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
