Toggle menu

    Cyber incident

    Gateshead Council was the subject of a cyber incident on Wednesday 8 January 2025 and we have been working since then to investigate and understand the impact.  

    These investigations have shown that some personal data was accessed and we are contacting those impacted directly.  

    The incident was contained due to the robust security checks already put in place by the council, so disruption to our services was minimal although some customers may experience some delays.  

    Customer bank details were not accessed. 

    Our website was also unaffected and is safe to use, including making payments.  

    It is also safe to send and receive emails to or from a gateshead.gov.uk email address, and to open attachments that we send.  

    What we are doing to manage the incident

    The North East Regional Organised Crime Unit (NEROCU), a collaboration between Cleveland Police, Durham Constabulary, and Northumbria Police, is investigating this matter. We are also taking advice from the National Cyber Security Centre and the Ministry of Housing, Communities and Local Government. 

    We are reviewing the data that was accessed and are contacting those impacted. 

    This matter has been raised to the Information Commissioner's Office and other regulatory bodies. 

    We will be providing updates as part of the ongoing response to this incident and if we discover your data is at risk we will contact you directly. 

    If you have a question about the incident

    We appreciate that you may have concerns about this incident, and we hope this page answers some of the questions you may have. 

    Please check this page for updates. Because this situation is still developing, and it is also an ongoing criminal investigation, we may not be able to answer all your questions, and we apologise for that. 

    We are writing to people whose data was affected and will provide contact details for further queries. If you have not been contacted by the council on this matter, please be assured that there is not a high risk to you based on the data that was accessed. We are unable to respond to individual requests to check if personal data has been breached.

    Freedom of information requests

    Most requests for information relating to the cyber incident will not be released at this time as there is a criminal investigation going on. The information is currently exempt from release under section 31(1) - Law Enforcement. 
     
    Releasing any information relating to the investigation at this time could prejudice law enforcement's ability to prevent and detect crime and/or apprehend offenders. It is not in the public interest to raise the risk of prejudicing any capture of offenders or future trial.

    Claiming compensation if your data has been affected

    You can only claim compensation if you can evidence that financial damage or demonstrable distress has been caused due to an actual data breach. 
     
    The Information Commissioner's Office has more information on their website (opens new window)
     
    We would advise anyone approached by firms offering class action claims at a cost to be careful. These claims are rarely successful. 

    What you can do to protect yourself 

    As a precaution we would like to offer the following advice to residents and customers

    • look out for any phishing emails or fraudulent activity on your accounts
    • use strong, unique passwords
    • if you suspect your account has been compromised, change your password
    • be vigilant for anything that does not seem right and be cautious when sharing your personal information

    For more advice on how to stay safe online, visit the National Cyber Security Centre website (opens new window). This website also gives advice on actions to take following a data breach (opens new window)

    Information about what to do if you think you have been a victim of identify fraud is on the GOV.UK Stop! Think Fraud website (opens new window).

    Information about how to protect yourself against identity fraud can be found on the Experian website (opens new window)

    If you are getting spam calls and texts 

    You can check the Have I been Pwned website (opens new window) to see if any of your data has been compromised in other data breaches. 
     
    You can report any spam calls and texts to the Information Commissioner's Office using the details on their website (opens new window)

    You can also register your phone numbers with the telephone preference service (TPS) on  their website (opens new window)

    Close

    Information rights