LaMoure County has been using CodeRED for emergency alerts. Recently, the following information was provided regarding a cybersecurity incident which damaged the OnSolve CodeRED environment in a targeted attack by an organized cybercriminal group.
CodeRED by Crisis24 Customer Support - Sent Friday, November 21, 2025 8:17 PM
Important update – OnSolve CodeRED Cybersecurity Incident
The data associated with the legacy OnSolve CodeRED platform was removed from our systems. While there is currently no indication that this data has been published online, we are proactively informing you that it may be leaked.
It appears that the impacted dataset may contain contact information of OnSolve CodeRED users: name, address, email address, phone numbers, and/or associated passwords used to create user profiles for alerts. If the same password is used by users for any other personal or business accounts, those passwords should be changed immediately.
We have decommissioned the OnSolve CodeRED platform and we have expedited our plan to make our new CodeRED by Crisis24 platform available to all customers, using backup data.
Unfortunately, we have all witnessed the rising cyberattacks affecting many businesses and organizations. We sincerely regret that this event has occurred, and we remain committed to supporting you, our customers, and to restoring your previous alerting and public notification capabilities. We ask for your patience while our team diligently works to ensure prompt activation and data upload to your CodeRED by Crisis24 account.
We understand that your users may have questions. We have included some FAQs below to assist you.
We appreciate your continued understanding and partnership. Please contact us directly at crsupport@crisis24.com with any concerns or questions. We are here for you.
Regards,
Grégoire Pinton
Managing Director, Integrated Risk Management
Is user data affected?
Our provider informed us that data potentially associated with the OnSolve CodeRED platform may be published. Our provider’s investigation suggests that the affected personal information is limited to contact information: name, address, email address, phone numbers and/or associated passwords used to create user profiles for alerts. If users have the same password for any other personal or business accounts, those passwords should be changed immediately.
What happened?
Our provider notified us that the OnSolve CodeRED environment was the victim of a targeted cyber-attack by an organized cybercriminal group. The attack damaged the OnSolve CodeRED environment. Our provider’s investigation indicates that this is an incident strictly contained within the OnSolve CodeRED environment with no contagion beyond. This does not impact any of our systems outside of emergency alerts.
When did this event occur?
Our provider notified us of the cybersecurity incident in November.
What is the Provider doing to respond to this issue?
The provider informed us that it promptly took steps to secure its systems, launched an investigation, and engaged external cybersecurity experts to assist. The provider decommissioned the OnSolve CodeRED platform and is the process of moving all customers to its new CodeRED platform.
What information of users was involved?
The provider is still investigating this matter, however, the provider informs that the affected personal information appears to be limited to contact information: name, address, email address, phone numbers and/or associated passwords used to create user profiles for alerts. If users have the same password for any other personal or business accounts, those passwords should be changed immediately.
Does this mean that users are victims of identity theft?
We have no evidence that any user information has been used to carry out identity theft and/or fraud.
Why did this happen?
Unfortunately, there have been rising cybersecurity risks and penetrations across many organizations as of late.