Ransomware victim disclosure
← All victimsMetropolitan Borough of Gateshead
Claimed by Medusa · listed 1 year ago
Status timeline
- ListedFeb 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Medusa
- Status
- Data leaked
- Country
- United Kingdom
- Sector
- Public Sector
- Listed on leak site
- Feb 22, 2025
- Records
- 684 employees
About the victim
AI dossier — public-source company profileMetropolitan Borough of Gateshead is a local authority serving the borough of Gateshead in Tyne and Wear, England, as part of the Tyneside conurbation. The council administers services across Gateshead and surrounding areas including Rowlands Gill, Whickham, Blaydon, Ryton, Felling, Birtley, Pelaw, Dunston and Low Fell, with a population of approximately 196,154 residents.
- Industry
- Local Government & Public Administration
- Address
- 12 Gladstone Terrace, Gateshead, Tyne and Wear, NE8 4DY, United Kingdom
- Employees
- 684
Attack summary
Severity: high — Attack on UK local government authority with confirmed data publication; local councils hold significant volumes of sensitive PII (resident records, benefit data, planning applications). Lack of specific proof inventory details prevents 'critical' classification, but the target is inherently sensitive infrastructure.Medusa claims to have compromised the Metropolitan Borough of Gateshead. The leak post indicates data has been published but provides no specific details on the nature of exfiltration, encryption, or the scope of data involved.
What the group claims
The Metropolitan Borough of Gateshead is a metropolitan borough in the metropolitan county of Tyne and Wear, England. It includes Gateshead, Rowlands Gill, Whickham, Blaydon, Ryton, Felling, Birtley, Pelaw, Dunston and Low Fell. The borough forms part of the Tyneside conurbation, centred on Newcastle upon Tyne. At the 2021 census, the borough had a population of 196154. Gateshead Council office is located in 12 Gladstone Ter, Gateshead, Tyne and Wear, NE8 4DY, United Kingdom and has 684 employees.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

