Cybercriminals have once again targeted a UK local authority, with Gateshead Council in North East England falling victim to a ransomware attack by the Medusa group. The council confirmed that law enforcement is actively investigating the cybersecurity breach, first detected on January 8. Just hours before this confirmation, Medusa uploaded allegedly stolen documents to its leak site, demanding a $600,000 ransom.
Data Breach Exposes Personal Information
According to Gateshead Council, unauthorized access was gained to its systems, compromising sensitive personal data. The leaked files reportedly include personally identifiable information (PII) such as full names, email addresses, phone numbers, home addresses, employment records, and more.
Among the exposed documents are job applications, internal spreadsheets, departmental budget reports, and financial records related to social care services. Both residents and public sector employees appear to be affected by this breach.
Gateshead Council’s Response and Ongoing Investigation
Officials stated that immediate remedial actions were taken to contain the incident, ensuring business operations continue as usual. The Information Commissioner’s Office (ICO) has been notified, and affected individuals are being contacted directly.
Mike Barker, Strategic Director for Corporate Services and Governance at Gateshead Council, reassured residents that security measures helped mitigate potential damage. He emphasized that protecting the public remains a top priority, and investigations will determine how the attack occurred and any broader implications.
Warning to Residents: Stay Alert for Phishing Attempts
Gateshead Council has urged residents and employees to remain vigilant against phishing scams and fraudulent activities. They recommend reviewing and strengthening passwords, as well as changing any compromised credentials. Updates will be provided as the situation develops, and impacted individuals will be contacted directly if further risks are identified.
Rise in Cyberattacks on UK Public Sector
This attack is part of a growing trend of ransomware incidents targeting UK public institutions. In March 2024, Leicester City Council suffered a ransomware attack, and numerous councils have faced DDoS assaults from pro-Russian cyber groups like NoName057(16). Additionally, several hospitals across the UK have been affected by similar cyber threats.
UK Government Considers Banning Ransom Payments
Following these increasing threats, the UK government has launched a 12-week consultation to explore banning ransom payments in the public sector. Running until April 8, the consultation will also evaluate whether large commercial organizations should require a government-approved license to make ransom payments, similar to Australia’s policy implemented in November 2024.
Conclusion
As ransomware attacks continue to rise, organizations must strengthen cybersecurity defenses and adopt proactive security measures. With the UK government potentially outlawing ransom payments, businesses, and public institutions need to focus on robust security frameworks to prevent data breaches and cyber extortion.
source: theregister
