CodeRED Mass Notification Service Impacted by Cybersecurity Incident

Published on November 25, 2025

Text that says Service Alert

The City of Melbourne has been notified that CodeRED, the third-party service provider we use to distribute alerts and advisories regarding our water distribution service, has been damaged due to a cybersecurity incident that is affecting its clients nationwide.

The service is currently not able to accept new subscribers while the vendor works to move to a new platform. 

In addition, according to CodeRED, data associated with the platform was removed from their systems. They have reported that at this time they do not know if the data has been published online, but that it could be leaked. They believe the impacted dataset may contain contact information of CodeRED users, including name, address, email address, phone numbers, and/or associated passwords used to create user profiles for alerts. They recommend changing your passwords immediately if you use the same password for CodeRED that you do for any other account.  

We apologize for this disruption and inconvenience and will work with CodeRED to pass along any pertinent information as it becomes available.

For more information, please see this list of Frequently Asked Questions provided by CodeRED.

Frequently Asked Questions: CodeRED Cybersecurity Incident

Is user data affected? 

Our provider informed us that data potentially associated with the OnSolve CodeRED platform may be published. Our provider’s investigation suggests that the affected personal information is limited to contact information: name, address, email address, phone numbers and/or associated passwords used to create user profiles for alerts. If users have the same password for any other personal or business accounts, those passwords should be changed immediately.

What happened?

Our provider notified us that the OnSolve CodeRED environment was the victim of a targeted cyber-attack by an organized cybercriminal group. The attack damaged the OnSolve CodeRED environment. Our provider’s investigation indicates that this is an incident strictly contained within the OnSolve CodeRED environment with no contagion beyond. This does not impact any of our systems outside of emergency alerts.

Did this impact other systems for the municipality? 

No. Our provider’s forensic analysis indicates that this is an incident strictly contained within the OnSolve CodeRED environment with no contagion beyond. This does not impact any of our systems outside of emergency alerts.

What is the new CodeRed system? 

Our provider launched a new CodeRed System, which had been in the works. Our provider assures us that the new CodeRED platform resides on a non-compromised, separate environment and that they completed a comprehensive security audit and engaged external experts for additional penetration testing and hardening.

Does this incident impact the new CodeRed system? 

No. Our provider informs that it resides in a non-compromised, separate environment. It also informed that they completed a comprehensive security audit and as engaged external experts for additional penetration testing and hardening.

When did this event occur? 

Our provider notified us of the cybersecurity incident in November.

What is the provider doing to respond to this issue? 

The provider informed us that it promptly took steps to secure its systems, launched an investigation, and engaged external cybersecurity experts to assist. The provider decommissioned the OnSolve CodeRED platform and is the process of moving all customers to its new CodeRED platform.

Why did this happen? 

Unfortunately, there have been rising cybersecurity risks and penetrations across many organizations as of late.

 

 

 

Tagged as:
Back to top