Community » Advanced Components » List & Detail Pages

News

Font Size: + -
Share & Bookmark, Press Enter to show all options, press Tab go to next option
Print

CodeRED Emergency Alert System Cybersecurity Incident

Post Date:11/28/2025 5:50 PM

The City of Sioux City is informing residents of a recent cybersecurity incident involving the legacy CodeRED emergency notification system, operated by our third-party provider, OnSolve. This incident did not affect any City systems. The third party provider, OnSolve, has confirmed that data from the former CodeRED platform was removed by an organized cybercriminal group and may have been published online.

The provider’s investigation is ongoing. However, out of an abundance of caution, we are sharing this information with residents so they can take immediate steps to protect their personal accounts.

The CodeRED system provides City staff the ability to quickly deliver messages to individuals in targeted areas or the entire city via text, email or phone. Since January 2020, the City of Sioux City has utilized the CodeRED platform to send emergency alerts related to snow emergencies, boil water warnings, and water main breaks to communicate critical information with citizens. An option to receive updates regarding public transit delays and garbage and recycling delays is also available.

Key Information

  • The incident was contained to the OnSolve CodeRED platform and did not impact any other City systems.
  • The provider has decommissioned the former CodeRED platform and migrated all customers to the new CodeRED by Crisis24 system, which is housed in a separate, non-compromised environment.
  • The data removed appears to include basic contact information (name, address, email address, phone numbers) and passwords used for former CodeRED accounts.
  • While the provider is still confirming details, residents should take immediate preventative action, especially if they reused their CodeRED password.

Immediate Action Residents Should Take

If you previously subscribed to CodeRED and used the same password for other accounts (email, banking, shopping, or business systems), the City strongly urges you to change those passwords immediately. Reused passwords can allow criminals to access unrelated accounts, even when only one system is compromised.

Cybersecurity experts recommend:

  • Creating unique passwords for each account
  • Enabling multi-factor authentication wherever possible
  • Monitoring accounts for any unusual activity

Transition to New CodeRED by Crisis24

The new CodeRED by Crisis24 system is now in use. Due to the damage caused to the former system, backup subscriber data used for migration reflects information last saved on March 31, 2025. Residents will be notified if additional action is needed to update information for future emergency notifications.

For assistance with CodeRED by Crisis24:
24/7 Support Line: 866-939-0911
Email: crsupport@crisis24.com


FREQUENTLY ASKED QUESTIONS (FAQ)

1. Was my data affected?

The City’s provider has informed us that data associated with the former OnSolve CodeRED system was removed. The information appears limited to:

  • Name
  • Address
  • Email address
  • Phone numbers
  • Password associated with the former CodeRED account

Residents who used the same password for other accounts should change those passwords immediately.

2. What exactly happened?

The provider reported that the legacy OnSolve CodeRED environment was damaged in a targeted cybersecurity attack by an organized cybercriminal group. The incident was contained to the CodeRED platform.

3. Did this impact City of Sioux City systems?

No. The incident was isolated to the CodeRED environment. No City systems—including public safety, utilities, or administrative systems—were affected.

4. What is the new CodeRED system?

The provider launched CodeRED by Crisis24, a new platform developed independently of the compromised system. It was already in progress and is housed in a non-compromised, separately secured environment. External cybersecurity experts conducted audits and penetration testing.

5. Was the new CodeRED by Crisis24 system affected?

No. The new platform was not impacted and is operating normally.

6. What is the provider doing about the issue?

The provider immediately secured its systems, reported the incident to law enforcement, decommissioned the former system, initiated a forensic investigation, and engaged external cybersecurity specialists.

7. Does this mean residents are victims of identity theft?

There is no evidence that stolen data has been used for identity theft or fraud. However, changing any reused passwords is a crucial protective step.

8. Why did this happen?

Cyberattacks targeting organizations of all sizes have increased significantly in recent years. This incident reflects broader national and global cybersecurity threats.

City Commitment

The City of Sioux City takes data protection and security seriously. We will continue to provide updates as new information becomes available and work closely with our provider to support residents and ensure the continuity of emergency alerts.

About OnSolve

OnSolve is the largest global provider of SaaS-based critical communication solutions for enterprise, SMB, and government customers. The company’s CodeRED® solution provides high-speed notification services capable of reaching millions of people in minutes, applying its mission critical capabilities to government, utilities, healthcare and other markets. More information can be found on the company’s website at www.onsolve.com.

Return to full list >>