Town of Vinton Notifies Residents of CodeRED Emergency Alert System Cybersecurity Breach
Vinton — On December 16th 2025 – The Town of Vinton is alerting residents about a cybersecurity incident involving its former emergency communications provider, CodeRED, after the company confirmed that subscriber information may have been accessed during a breach.
According to information provided by CodeRED and Crisis24, an organized cybercriminal group targeted the OnSolve CodeRED platform, damaging the system and allegedly removing data from CodeRED servers. Company officials believe some of that data has since been published online, although the full scope and specific data elements involved have not yet been confirmed.
Subscription-only service
Town officials emphasized that CodeRED was a voluntary, subscription-only service. Only residents who chose to sign up to receive emergency alerts would have had their information stored on the platform. Residents who never subscribed to CodeRED are not affected by this incident.
CodeRED was used by municipalities to send mass notifications such as weather alerts, road closures, and public safety messages, and typically required only basic contact information from subscribers.
What information may have been exposed
The potentially impacted information may include:
- Name
- Home address
- Email address
- Phone number
- Passwords associated with CodeRED accounts
Officials stated that no financial information, Social Security numbers, or credit card data were involved.
❓ Explainer: Are CodeRED and Crisis24 the same company?
Not exactly — but they are connected.
- CodeRED was the specific alert system that experienced the cybersecurity breach.
- The CodeRED platform was operated by OnSolve.
- Following the incident, the CodeRED platform was shut down and decommissioned.
- Emergency alerts were moved to Crisis24, which operates on a different system and is now handling emergency notifications.
While CodeRED and Crisis24 are connected through corporate ownership and transition support, the breached CodeRED platform is no longer in use by the Town of Vinton. Crisis24 is currently serving as the replacement while the Town evaluates a permanent emergency communications provider.
Immediate action taken by the Town
After being notified of the breach, the Town of Vinton immediately stopped using CodeRED. Emergency notifications are now being delivered through Crisis24, and town officials say they are actively reviewing long-term replacement options.
Town officials also confirmed that Vinton’s internal systems were not compromised. The incident occurred at the vendor level, not within town-owned infrastructure.
What residents should do
Residents who previously subscribed to CodeRED are encouraged to take the following steps:
- If you reused your CodeRED password on any other websites, apps, or online services, change those passwords immediately.
- Even though the Town no longer uses CodeRED, reused passwords could be tested by cybercriminals on other accounts such as email, social media, or shopping sites.
- Be cautious of unsolicited emails, texts, or phone calls claiming to be emergency alerts.
- Do not click on links or provide personal information unless the source is verified.
Cybersecurity experts note that password reuse is one of the most common ways attackers gain access to unrelated accounts after a data breach.
Support and assistance
Residents with questions or who need additional information may contact CodeRED/Crisis24’s 24/7 support line at 1-866-939-0911 or email crsupport@crisis24.com.
CodeRED and Crisis24 stated they regret the inconvenience caused by the incident and noted that investigations of this nature can take time to complete.
Ongoing updates
The Town of Vinton says it will continue to monitor the situation and provide updates as more information becomes available, including details regarding a permanent replacement for the emergency alert system.
Residents are encouraged to follow official town communications and remain alert for potential phishing or scam attempts related to this incident.