Hackers have claimed responsibility for a major cyberattack on Kido International, a childcare provider running several nurseries in London. They said personal data belonging to more than 8,000 children had been stolen and posted details of the breach on a dark web forum.
The gang, which calls itself Radiant, evidenced its claim by publishing the names, photos, home addresses, and family contact information of 10 children it said attended one of Kido’s 18 nurseries in Greater London.
The hack, which raises serious concerns about child safeguarding and data privacy, was the latest in a string of serious ransomware incidents in Britain that have rocked businesses in Britain this year.
“Next steps for us will be to release 30 more ‘profiles’ of each child and 100 employees,” the post on Radiant’s leak website said.
In a statement, London’s Metropolitan Police said they had made no arrests. “Enquiries are ongoing and remain in the early stages within the Met’s Cyber Crime Unit,” the statement said.
Speaking over an encrypted messaging service, the nursery hackers said they had been inside Kido’s networks for weeks.
Cybercriminals
Asked where they were based, the hackers said they were in Russia, though they did not provide evidence to support that statement.
Ransomware is malicious software used by cybercriminals to encrypt a company’s data and demand payment for its release. The hackers declined to say how much money they were asking Kido International to pay.
“Cybercriminals will target anyone if they think there is money to be made, and going after those who look after children is a particularly egregious act,” Jonathon Ellison of the National Cyber Security Centre, part of Britain’s GCHQ spy agency, said in a statement.
A government source said on Thursday that the British government was considering providing financial support for carmaker Jaguar Land Rover’s suppliers after a shutdown caused by a cyberattack was extended until October.
A day earlier, police said they had arrested a man as part of an investigation into a ransomware attack against Collins Aerospace, owned by RTX. The cyberattack crippled automated check-in systems at London Heathrow, Britain’s busiest airport, and caused travel chaos at other airports across Europe.
In April, a group of hackers dubbed Scattered Spider was widely reported to be behind an attack that crippled British retailer Marks & Spencer preventing one of Britain’s best-known retailers from taking online orders for weeks.
The company forecast in May that the hack would cost it about 300 million pounds ($405 million) in lost operating profit in its 2025/26 financial year.
(With inputs from Reuters)
