Hackers have stolen and published sensitive information from the Kido nursery chain, affecting around 8,000 children across the UK, with names, addresses, and photos reportedly posted online.
Details of the Nursery Cyberattack
The Nursery Cyberattack was attributed to a group identifying itself as Radiant. According to BBC reports, the hackers demanded ransom after stealing personal data, including children’s profiles, safeguarding notes, and information about parents and carers. Ten children’s details have already been leaked on the group’s darknet website.
Kido, which operates nurseries in London and internationally, has not yet issued a public statement regarding the nursery cyberattack. The organization’s website highlights its operations across the USA, UK, India, and China, emphasizing its focus on early childhood education and care.
Police and Security Response
A spokesperson for the Metropolitan Police confirmed receiving a referral on Thursday regarding a ransomware incident affecting a London-based organization. The Met’s Cyber Crime Unit is investigating, but no arrests have been made at this stage.
Jonathon Ellison, national resilience director at the UK’s National Cyber Security Centre (NCSC), described the reports as “deeply distressing.” He emphasized that cybercriminals target any organization they believe can generate profit, warning that exploiting institutions caring for children is a particularly harmful tactic.
The NCSC has issued tailored cybersecurity guidance for nurseries and early years providers to strengthen defenses against similar threats. Guidance has also been made available for individuals concerned that their data may have been compromised.
Parents’ Concerns and Reactions
Parents have expressed alarm at the breach. Bryony Wilde, whose child attends a Kido nursery, told the BBC that children’s details should never be exploited in this way. “They are kids – their personal details shouldn’t be worth anything,” she said, describing them as “completely innocent victims.”
The hackers told BBC reporters that they viewed the attack as a form of “pentest” or penetration test, a method typically used by authorized cybersecurity professionals to evaluate an organization’s defenses. However, the group claimed they were seeking compensation, stating they “weren’t asking for an enormous amount.”
Cybersecurity experts stress that this explanation does not change the nature of the incident, as ethical penetration testing is always conducted lawfully and with permission.
Growing Threats to Education and Childcare Providers
The attack on Kido underscores the growing threat posed by ransomware to educational and childcare institutions. Cybercriminals increasingly target organizations managing sensitive personal data, with the potential for significant harm to families if information is exposed or misused.
In recent years, hackers have broadened their focus beyond traditional corporate targets to schools, nurseries, and healthcare facilities. The sensitive nature of the data handled by these institutions makes breaches especially impactful, both for the individuals affected and for organizational trust.
Guidance and Next Steps
Authorities are urging affected families of Nursery Cyberattack to remain vigilant against potential misuse of their information. Common risks following such breaches include identity fraud, phishing scams, and unauthorized use of personal data.
The NCSC recommends that individuals impacted by Nursery Cyberattack monitor financial accounts, be cautious of unsolicited emails or messages, and report suspicious activity immediately. Early years providers are encouraged to adopt layered cybersecurity measures, including regular staff training, secure backups, and incident response planning.
Investigations into the Kido Nursery Cyberattack remain ongoing, with law enforcement and cybersecurity agencies working to identify the perpetrators and limit further damage.
