The City of Melissa has issued an update regarding a cybersecurity incident involving a retired emergency notification platform used by the municipality. The city confirmed that the breach occurred within the vendor’s legacy CodeRED system and did not compromise any City of Melissa computer systems.
According to the vendor, an organized cybercriminal group removed data from the retired environment. While the vendor states there is no current evidence that the information has been published online, they noted it could potentially be leaked. The affected data may include names, addresses, email addresses, phone numbers, and passwords associated with user profiles on the retired system.
Melissa is about 5 miles south of Anna. The city advises residents who reused passwords from the retired CodeRED system for other accounts to change those passwords immediately as a precaution.
The legacy CodeRED system has been decommissioned. The vendor has accelerated access to a new platform called CodeRED by Crisis24, which operates in a separate environment. The vendor reports that this new platform has undergone a full security audit supported by external experts.
Because the legacy system was permanently damaged during the attack, the vendor reports that the most recent available backup of customer enrollment data is from March 31, 2025. Consequently, some residents who enrolled or updated their information after that date may not be included in the new system until the vendor completes their restoration work.
The City of Melissa continues to send emergency notifications through the new CodeRED by Crisis24 platform and through TextMyGov. The city strongly urges all residents to confirm or update their emergency notification information to ensure they continue receiving alerts.






