A nationwide cybersecurity incident involving the OnSolve CodeRED mass notification network has placed Monroe County, Georgia residents at risk, prompting local officials to warn the public and begin transitioning to a new emergency alert system.
The Monroe County cyberattack, which officials emphasize did not originate locally, has compromised personal information belonging to users enrolled in the county’s emergency alert service.
In its formal notification, Monroe County Emergency Management Agency (EMA) informed residents that a nationwide data breach affecting all OnSolve CodeRED customers had been confirmed.
The county stated, “This has been an issue nationwide,” stressing that the breach stemmed from an attack on the vendor system rather than any action by Monroe County personnel.
According to the county, the incident was attributed to “an organized cybercriminal group that has victimized our platform and our customers.”
Compromised Monroe County’s User Data
The cyberattack on Monroe County users occurred within the broader CodeRED environment, which supports emergency alerts issued across the United States. Once the breach was discovered, OnSolve immediately discontinued its CodeRED service nationwide and shifted resources to a new platform known as Crisis24 CodeRED. Officials said the intrusion was contained within the original system and did not spread to other networks.
According to OnSolve’s assessment, the compromised data includes names, addresses, email addresses, phone numbers, and passwords associated with CodeRED user accounts. County officials urged residents who use the same password for multiple accounts to change those passwords immediately to reduce the risk of further exposure.
Enrollment timing also affects the extent of data loss. Monroe County explained that residents who signed up for CodeRED before March 31, 2025, will have their information migrated to the new Crisis24 CodeRED platform. However, all data added after March 31, 2025, was lost during the incident, meaning those users will need to re-enroll once the new system becomes fully operational. The county noted that it is working closely with Crisis24 staff to expedite the setup of the replacement alert service.
Vendor Response, FAQ Details, and System Transition
Although the breach occurred entirely within a third-party vendor system, Monroe County EMA acknowledged that the incident is likely to cause worry within the community. Officials pledged ongoing communication, stating they will share any additional updates provided by OnSolve.
OnSolve also released a detailed FAQ explaining the breach. The vendor reported that personal contact information “may be published” as a result of the attack, but said forensic analysis indicates no impact on municipal systems beyond emergency alerts.
According to the provider, the newly launched Crisis24 CodeRED platform resides in a separate, non-compromised environment and has undergone a comprehensive security audit, including external penetration testing and system hardening.
The company stated that the cybersecurity incident was detected in November and that it acted quickly to secure the affected systems, launch an investigation, and engage outside experts. The original OnSolve CodeRED platform has since been permanently decommissioned.
No Evidence of Identity Theft, but Rising Cyber Risks Cited
Despite concerns surrounding the Monroe County cyberattack, officials report no evidence that the compromised data has been used for identity theft or fraud. They noted that the breach reflects a broader rise in cyber intrusions nationwide, highlighting the need for stronger threat monitoring and rapid detection.
As the county works to restore its emergency alert system, officials reiterated their commitment to transparency and continued oversight.
The growing frequency of attacks also stresses why organizations increasingly rely on independent threat-intelligence providers such as Cyble, whose research regularly tracks new vulnerabilities and cybercriminal activity across global networks.
To better understand how organizations can strengthen their defenses against incidents like the Monroe County cyberattack, security teams can request a guided demonstration of Cyble’s AI-native threat-intelligence capabilities.
A personalized demo provides a practical look at how Cyble identifies exposures, tracks threat actors, and supports faster response decisions.
