Gateshead Council investigating a major ransomware attack on its systems
Gateshead Council has admitted to suffering a major cyber security incident after a notorious hacker group claimed that it breached the Council’s network and demanded $600,000 as ransom.
On January 14, the infamous Medusa ransomware group said it infiltrated the internal network of the Metropolitan Borough of Gateshead and stole confidential data from the council’s systems. The group reportedly gave the Council a deadline of 9 days to pay a ransom of $600,000, failing which it would leak the stolen data online.
Acknowledging the hacker group’s claims, Gateshead Council said in a statement posted on its website that it has recently identified a data security incident and has launched an investigation to determine the nature and scope of the incident.
The investigation is being carried out by the North East Regional Organised Crime Unit (NEROCU), a collaboration between Cleveland Police, Durham Constabulary, and Northumbria Police.
“The incident happened in the early hours of Wednesday 8 January, and officers have been working since then to investigate and understand the impact. These investigations have shown some personal data has been infringed. Those impacted are being contacted directly by council officers,” the Council said.
Officials have assured residents that the incident was quickly contained and the Council continues to conduct its businesses as usual.
The Council has notified the Information Commissioner’s Office and other regulatory bodies about the cyber security incident and is working with their expert guidelines.
Commenting on the news of the cyber attack, Mike Barker, Strategic Director for Corporate Services and Governance for Gateshead Council, said, “Protecting the public is our top priority and I want to reassure our residents and stakeholders we take such situations extremely seriously.
“We will be providing updates as part of the ongoing response to this incident and if we discover your data is at risk we will contact you directly.
“As investigations continue there is a possibility of further issues arising, and we will work to mitigate this should that be the case. Investigations so far have not indicated there is any further damage caused, but we need to be open to the possibility,” he added.
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543