The nursery chain has been the victim of a reported cyber attack
Cyberhackers are said to have stolen information about thousands of children from a nursery chain and posted some details on the darknet, it has been reported. Pictures, along with the names and addresses of around 8,000 children from the Kido nursery chain, are being used to demand ransom money, according to the BBC.
The broadcaster also reported it had been contacted by the hackers, who appear to be called Radiant, and have now published some stolen data including pictures and profiles of 10 children to their darknet website. Information about the children’s parents, carers, and safeguarding notes are in the hands of the hackers, it is alleged.
A Metropolitan Police spokesman said: “Met Police received a referral on Thursday following reports of a ransomware attack on a London-based organisation. Enquiries are ongoing and remain in the early stages within the Met’s Cyber Crime Unit. No arrests have been made.”
Bryony Wilde, whose child attends a Kido nursery in London, told the BBC: “They are kids – their personal details shouldn’t be worth anything. You are probably prepared to go a little bit further to protect children’s privacy and personal details.”
She described the children as “completely innocent victims”. BBC News said it had challenged the hackers over using children’s data to extort from a nursery, and were told by the criminals that they “weren’t asking for an enormous amount” and they “deserve some compensation for our pentest”.
A “pentest” – or penetration test – is the term for when ethical hackers are hired to assess the security of an organisation in a controlled and professional way.
Jonathon Ellison, the National Cyber Security Centre’s national resilience director, said: “The reports of highly sensitive data being stolen in a cyber incident impacting nurseries are deeply distressing. Cyber criminals will target anyone if they think there is money to be made, and going after those who look after children is a particularly egregious act.
“The NCSC has bespoke guidance to help early years settings, such as nurseries, protect themselves from attacks, as well as guidance for individuals who are concerned that their data has been affected by a breach.”
On its website, Kido, which has locations in London, says: “Our international network of schools in the USA, UK, India and China ensures that we bring best practices in operations, training, curriculum and care to each school.”
Kido has been contacted for comment by the PA news agency. The chain has 19 locations in London.
Sign up to our London Crimewatch WhatsApp community for the latest major court updates and breaking news delivered straight to your phone. Sign up HERE.
No one will be able to see who is signed up and no one can send messages except the MyLondon team. We also treat our subscribers to special offers, promotions, and adverts from us and our partners. If you don’t like our community, you can check out any time you like. To unsubscribe, click on the name at the top of your screen and choose ‘exit group’. If you’re curious, you can read our privacy notice.
