Carlisle Borough’s emergency alert system, CodeRED, suffered a targeted cyberattack resulting in the potential compromise of user contact data. The breach exposed sensitive information including names, addresses, emails, phone numbers, and passwords though no evidence yet confirms the stolen data has been leaked online. Users who reused passwords across platforms were advised to change them immediately to mitigate risks of credential stuffing or further unauthorized access.The attack forced the decommissioning of the old CodeRED platform, disrupting emergency notification services (e.g., evacuations, weather alerts) until migration to the new Crisis24 system is complete. While the new system remained unaffected, the incident raised concerns over public safety communication delays and reputational damage due to the exposure of personal data. Officials assured ongoing updates but emphasized the need for re-registration, adding operational friction for residents and businesses relying on timely alerts. The breach underscores vulnerabilities in critical public infrastructure and the cascading risks of third-party vendor compromises.
Borough Of Carlisle cybersecurity rating report: https://www.rankiteo.com/company/carlislepa
"id": "CAR2163321112525",
"linkid": "carlislepa",
"type": "Cyber Attack",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'CodeRED users (number '
'unspecified)',
'industry': 'Public Safety / Emergency Services',
'location': 'Carlisle, Pennsylvania, USA',
'name': 'Carlisle Borough',
'type': 'Municipal Government'},
{'customers_affected': 'CodeRED users (number '
'unspecified)',
'industry': 'Emergency Notification Services',
'name': 'CodeRED (by OnSolve)',
'type': 'Private Company'}],
'customer_advisories': 'Users notified via Facebook; further updates pending.',
'data_breach': {'data_exfiltration': "Likely (data 'removed' and at risk of "
'leakage).',
'personally_identifiable_information': True,
'sensitivity_of_data': 'Moderate (PII and passwords, but no '
'evidence of misuse yet).',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Contact Information',
'Authentication Credentials '
'(passwords)']},
'date_publicly_disclosed': '2023-11-20T00:00:00Z',
'description': 'Carlisle Borough’s emergency alert provider, CodeRED, '
'experienced a targeted cyberattack. Some user contact '
'information stored on CodeRED might have been removed and '
'could potentially be leaked. The borough advised users who '
'reused passwords elsewhere to change them immediately. '
'CodeRED has decommissioned the old platform and is migrating '
'users to a new, more secure system (CodeRED by Crisis24).',
'impact': {'brand_reputation_impact': 'Potential reputational risk due to '
'compromised user data and service '
'disruption.',
'data_compromised': ['name',
'address',
'email',
'phone number',
'passwords (for CodeRED profiles)'],
'identity_theft_risk': 'Moderate (if reused passwords were '
'compromised).',
'operational_impact': 'Emergency alert system temporarily '
'disrupted; migration to new platform '
'(CodeRED by Crisis24) underway.',
'systems_affected': ['CodeRED (old platform)']},
'investigation_status': 'Ongoing (updates to be shared as available).',
'post_incident_analysis': {'corrective_actions': ['Migration to a new, more '
'secure platform (CodeRED '
'by Crisis24).']},
'recommendations': ['Users who reused CodeRED passwords elsewhere should '
'change them immediately.',
'Monitor for unauthorized use of compromised data.',
'Enhance security measures for emergency notification '
'systems.'],
'references': [{'date_accessed': '2023-11-20T00:00:00Z',
'source': 'Carlisle Borough Facebook Announcement'}],
'response': {'communication_strategy': ['Public announcement via Facebook',
'Ongoing updates to be shared as '
'available.'],
'containment_measures': ['Decommissioning of the old CodeRED '
'platform.'],
'incident_response_plan_activated': True,
'recovery_measures': ['Service restoration in progress; '
'potential re-registration for users.'],
'remediation_measures': ['Migration to CodeRED by Crisis24 (new '
'platform with additional security '
'testing).']},
'stakeholder_advisories': 'Users advised to change passwords if reused; no '
'action needed for non-password-protected profiles.',
'title': 'Cyberattack on Carlisle Borough’s Emergency Alert Provider CodeRED',
'type': 'Data Breach / Cyberattack'}