County Alerts Disrupted After Cyberattack on Third Party Vendor
On November 25, Buncombe County experienced an outage in its CodeRED and BCAlerts emergency messaging after a targeted cyberattack on the third party vendor OnSolve. The disruption prevented phone calls, texts and emails, and officials urged residents to change reused passwords and monitor credit reports while emergency services continued to operate normally.
Buncombe County officials reported that a targeted cyberattack on the OnSolve CodeRED environment on November 25 disrupted the county's ability to send emergency alerts by phone, text and email through the CodeRED and BCAlerts platform. The county said the impacted dataset may have contained contact information for users, including names, addresses, email addresses, phone numbers and passwords used to create user profiles. Officials advised users who reuse passwords to change them and to monitor credit reports if they have concerns.
The county characterized the incident as contained to the vendor environment and stated that as of the county posting on December 1 there was no indication that the information had been published. Importantly for public safety, the incident did not affect county 911 services or emergency response operations. During the outage IPAWS reverse 911 messages remained available through North Carolina Emergency Management and FEMA, providing an alternative channel for urgent notifications.
In response the county said it would engage the vendor, review vendor and cybersecurity policies, and consider alternative vendors to restore emergency messaging and strengthen resilience. Officials also described a layered communications approach using the county website, social media, Nextdoor, X, Instagram and local media to ensure residents continued to receive critical information while the CodeRED service was unavailable.
Local residents should be aware that time sensitive alerts issued through the usual CodeRED channels may not have reached everyone on November 25, and that personal contact information stored in the vendor environment was part of the scope of the incident. Practical steps include changing passwords that are used on multiple accounts, monitoring credit reports and using free resources from the Federal Trade Commission for credit monitoring, and signing up for or checking alternative county communication channels.
The event highlights broader supply chain risks in municipal technology systems and underscores the importance of redundant communication pathways for public safety. For life threatening emergencies continue to call 911. For updates on the messaging service restoration check the Buncombe County website and official county social accounts.
Sources:
Know something we missed? Have a correction or additional information?
Submit a Tip
