2/10/2026: The St. Mary’s County Government (SMCG) Department of Emergency Services (DES) is providing an update regarding the previously reported cybersecurity incident involving the CodeRED Emergency Notification System. CodeRED is a third-party emergency notification service used by local governments across the country to send emergency alerts.
CodeRED has completed a forensic investigation, conducted by internal security teams and external cybersecurity experts, into the incident that led to the suspension of the legacy platform in November 2025.
What Happened – According to CodeRED, an organized cybercriminal group gained unauthorized access to the legacy OnSolve CodeRED environment beginning as early as October 31, 2025, and deployed ransomware on November 10, 2025. The attack resulted in the encryption of certain servers and significant damage to the legacy system.
While a data transfer tool was identified during the investigation, forensic experts found no evidence confirming that data was exfiltrated from the system.
Information Potentially Exposed
CodeRED reports that limited subscriber information affecting a small percentage of users was exposed across two data sets:
- One data set contained usernames, phone numbers, and inactive, outdated passwords that were deactivated and changed in 2015 during a prior platform migration.
- A second data set contained usernames with encrypted passwords that are unreadable and not identifiable. There is no evidence that encryption keys were accessed.
Importantly, CodeRED has confirmed that the exposed data did not include first or last names, addresses, or other sensitive personal information, and did not include any active passwords.
Updated Guidance for Residents – Based on the findings of the investigation, CodeRED advises that no active passwords were compromised. While residents were previously encouraged to change passwords out of an abundance of caution, the newly confirmed information indicates that exposed passwords were inactive and outdated.
Residents are still encouraged to remain vigilant and cautious of unsolicited communications requesting personal or financial information.
Emergency Alert System Update – As previously announced, the legacy OnSolve CodeRED platform has been permanently decommissioned. On January 6, 2026, the Commissioners of St. Mary’s County approved a new emergency notification system, Regroup Mass Notification, following review and recommendations by the Departments of Emergency Services and Information Technology. Additional information on this transition and the new system will be announced soon.
St. Mary’s County Government remains committed to transparency and to safeguarding the safety, security, and privacy of the community.
Residents with questions or concerns about this incident or about emergency notifications in St. Mary’s County may contact DES at [email protected] or (301)-475-4200 ext. 2125.
11/28/2025: The St. Mary’s County Government (SMCG) Department of Emergency Services (DES) is notifying residents about a recent cybersecurity incident involving the CodeRED Emergency Notification System. CodeRED is a third-party emergency notification service used by local governments across the country to send emergency alerts.
What Happened
CodeRED has informed SMCG that data associated with the legacy OnSolve CodeRED platform had been removed from their systems in a targeted cyberattack. While there is currently no indication that this data has been published online, CodeRED has advised that the data may be leaked in the future.
This cybersecurity incident was limited to systems owned and operated by the private CodeRED vendor. There is no indication that any St. Mary’s County Government systems, networks, or internal databases were accessed or affected.
What Information Was Involved
According to CodeRED, the impacted dataset may include contact information used in the CodeRED system, including:
- Name
- Address
- Email address
- Phone numbers
- Passwords associated with CodeRED user profiles
What Residents Should Do
If you created a CodeRED account, we strongly recommend that you:
- Change your CodeRED password.
- Change the password on any other accounts (email, banking, shopping, social media, etc.) where you used the same or a similar password.
- Monitor your accounts for unusual or suspicious activity and report any concerns to your service providers.
As always, residents should be cautious about unsolicited calls, texts, or emails, especially those requesting personal or financial information.
Impact on Emergency Notifications
Out of an abundance of caution, CodeRED has permanently decommissioned the legacy OnSolve CodeRED platform previously used by St. Mary’s County. To ensure continuity of service, CodeRED has accelerated our transition to its new CodeRED by Crisis24 platform. The Department of Emergency Services now has access to this updated system and can continue to send emergency notifications.
What St. Mary’s County Government Is Doing
SMCG’s Department of Emergency Services and Department of Information Technology are:
- Actively working with CodeRED and external partners to monitor the situation and the restoration of services.
- Reviewing the capabilities, functionality, and reliability of the new CodeRED by Crisis24 platform to ensure it meets our operational requirements.
- Evaluating internal procedures and notification protocols to maintain the highest possible level of service during this transition.
- Seeking additional information regarding historical data, including access to data current as of March 2025.
Our priority is to protect the safety, security, and privacy of St. Mary’s County residents while maintaining transparent communication about incidents that may affect you.
Residents with questions or concerns about this incident or about emergency notifications in St. Mary’s County may contact DES at [email protected] or (301)-475-4200 ext. 2125.
