DOUGLAS COUNTY — Several Colorado law enforcement agencies say they're either terminating or reevaluating contracts with CodeRED, an emergency alert system, after the company fell victim to a cyber attack earlier this month.
Crisis24, the company that owns the CodeRED platform, confirmed that data including names, addresses, email addresses, phone numbers, and passwords of users signed up for alerts may have been leaked in the data breach.
Douglas County Sheriff Darren Weekly said his office was not contacted by Crisis 24 until deputies tried to send out a CodeRED alert to residents about a prescribed burn south of Larkspur two weeks ago.
"It didn't work. Nobody told us that the system was down. And not only was it down for Douglas County, it was down for the state of Colorado, and it was down across the country," said Sheriff Weekly. "Had we had a major event, a criminal event, like an active shooter situation, a wildfire, whatever, we would not have had, and we still don't have the ability to reach out to our citizens to let them know what's going on."
He said the Douglas County Sheriff's Office (DCSO) has terminated its contract with CodeRED and hopes to have a new emergency alert platform working in a few weeks. In the meantime, Sheriff Weekly said residents can get emergency updates from DCSO's social media pages. He said deputies will also result to door-to-door notifications in some emergencies.
Dr. Steve Beaty, a computer science professor at Metropolitan State University of Denver, said if you created a CodeRED account and used the same password elsewhere, to immediately change those passwords.
"What the bad actors will typically do is the instant they have these sorts of data, then they go out to all of the banks and credit card companies and try to get money one way or another, loans, etc., direct withdrawals," said Beaty.
He recommends people stay away from reusing passwords, create passwords with at least 20 characters, and use a browser password manager to easily keep track of different passwords.
"In a vacuum, this particular breach might not be all that sensitive, but when the bad actors start to aggregate all the information, then that is when we get concerned," said Beaty.
Local
Cyberattack disrupts CodeRED Alerts in at least two Colorado counties
In a social media post on Monday, the Thornton Police Department said it is evaluating its contract with CodeRED after the data breach. The Arapahoe County Sheriff's Office said it has been transitioning away from CodeRED since October and will begin using the RAVE alert system. The sheriff's office said the RAVE alerts will "provide a more secure and reliable platform for emergency notifications."
The City of Aurora said in a social media post on Monday that it is experiencing issues with CodeRED and shares the same concerns as other municipalities and public safety agencies. The city said communication from Crisis24 "has and continues to be limited."
Denver7 reached out to Crisis24 to ask why the company did not immediately notify law enforcement agencies in Colorado about the outage and subsequent data breach. Crisis24 did not directly respond to our question but sent the following statement:
We confirm that data potentially associated with the legacy OnSolve CodeRED platform has been published online following a targeted attack by an organized cybercriminal group. The attack also resulted in damage to the OnSolve CodeRED environment. Current forensic analysis indicates that the incident was fully contained within that environment, with no contagion beyond.
The dataset involved may include information for OnSolve CodeRED users. Users who have reused their OnSolve CodeRED password for any other personal or business accounts are advised to change those passwords immediately. We have notified affected OnSolve CodeRED customers and have decommissioned the platform. In parallel, we have accelerated the rollout of our new CodeRED by Crisis24 platform.
Cyberattacks remain a persistent threat across all sectors, and we regret that this incident has occurred. We remain fully committed to supporting our customers and ensuring their basic alerting and public notification requirements continue to be met without interruption.
DCSO said 88,000 landline users are signed up for CodeRED alerts as well as 130,000 cell phone users.
Sheriff Weekly said residents can sign up for FEMA's Integrated Public Alert and Warning System (IPAWS) to receive large scale alerts for incidents like fires and floods, but said the system does not notify residents about local incidents.
"Again, I can't stress enough. CodeRED really dropped the ball when they knew this information was compromised and didn't tell anybody," Sheriff Weekly said.
