The **Douglas County Sheriff’s Office** halted the use of **CodeRED**, an emergency alert system, after discovering a **cyberattack and data breach** that compromised customer information. The breach was detected on **November 21**, though system outages were reported two weeks prior without confirmation. While the stolen data has not been publicly leaked, authorities warn that **personal information of CodeRED users may have been exposed**, prompting recommendations to monitor credit reports. The breach affected **hundreds of agencies nationwide**, forcing multiple counties (including Weld and Park) to abandon the platform. Douglas County is now relying on **door-to-door notifications, social media, and alternative alert systems** (like IPAWS) while transitioning to a new provider. The incident has disrupted critical emergency communications, as CodeRED was previously used for **evacuation orders, shelter-in-place alerts, and wildfire warnings**. Users must re-register for any new system, as their data will not transfer automatically. The breach has eroded trust in the platform’s security, leaving communities vulnerable during emergencies.
Source: https://www.denverpost.com/2025/11/24/code-red-emergency-alerts-data-breach-colorado/
Emergency Communications Network cybersecurity rating report: https://www.rankiteo.com/company/emergency-communications-network-llc
"id": "EME1521815112525",
"linkid": "emergency-communications-network-llc",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown (residents using '
'CodeRED)',
'industry': 'Public Safety',
'location': 'Douglas County, Colorado, USA',
'name': 'Douglas County Sheriff’s Office',
'type': 'Government Agency (Law Enforcement)'},
{'customers_affected': 'Unknown',
'industry': 'Public Safety',
'location': 'Weld County, Colorado, USA',
'name': 'Weld County Sheriff’s Office',
'type': 'Government Agency (Law Enforcement)'},
{'customers_affected': 'Unknown',
'industry': 'Public Safety',
'location': 'Park County, Colorado, USA',
'name': 'Park County Sheriff’s Office',
'type': 'Government Agency (Law Enforcement)'},
{'customers_affected': 'Hundreds of agencies',
'industry': 'Emergency Notification Services',
'location': 'USA (nationwide)',
'name': 'CodeRED (OnSolve)',
'type': 'Private Company'}],
'customer_advisories': 'Manual alerts (door-to-door, social media) until new '
'system is adopted; residents may need to re-register '
'for new alerts',
'data_breach': {'data_exfiltration': 'Likely (data lost but not published '
'online)',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (personal information requiring '
'credit monitoring)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_detected': '2023-11-21',
'date_publicly_disclosed': '2023-11-27',
'description': 'The Douglas County Sheriff’s Office discontinued use of its '
'CodeRED emergency alert system after discovering a '
'cyberattack and data breach. The breach resulted in the loss '
'of customers’ personal information, though the data has not '
'been published online. The incident affected hundreds of '
'agencies nationwide, including multiple Colorado counties. '
'The sheriff’s office is transitioning to alternative alert '
'methods (e.g., door-to-door notifications, social media) '
'while evaluating new providers.',
'impact': {'brand_reputation_impact': 'Loss of trust in CodeRED system; '
'transition to alternative providers',
'data_compromised': True,
'downtime': '2023-11-07 (approx. initial outage) to 2023-11-21 '
'(discontinuation)',
'identity_theft_risk': 'Potential (residents advised to contact '
'credit bureaus)',
'operational_impact': 'Loss of emergency alert capabilities; '
'reliance on manual methods (door-to-door, '
'social media)',
'systems_affected': ['CodeRED emergency alert system']},
'investigation_status': 'Ongoing (no details on root cause or threat actor)',
'post_incident_analysis': {'corrective_actions': ['Discontinuation of '
'vulnerable system',
'Evaluation of secure '
'alternatives']},
'recommendations': ['Transition to more secure emergency alert systems',
'Proactive credit monitoring for affected residents',
'Multi-channel alert redundancy'],
'references': [{'date_accessed': '2023-11-27',
'source': 'The Denver Post (or original news outlet)'}],
'response': {'communication_strategy': ['Public disclosure',
'Advisories to residents (credit '
'bureau checks)',
'Media statements'],
'containment_measures': ['Discontinuation of CodeRED system'],
'incident_response_plan_activated': True,
'recovery_measures': ['Door-to-door notifications',
'Social media alerts',
'Potential new system adoption within 1–2 '
'weeks'],
'remediation_measures': ['Evaluation of alternative alert '
'providers']},
'stakeholder_advisories': 'Residents advised to contact credit bureaus; '
'counties evaluating alternative providers',
'title': 'Cyberattack and Data Breach on Douglas County Sheriff’s Office '
'CodeRED Emergency Alert System',
'type': ['Cyberattack', 'Data Breach', 'Service Disruption']}