A hacking group calling itself Radiant has compromised a UK nursery chain called Kido, and is threatening to release the data it accessed unless a ransom is paid (first reported by the BBC). On Thursday it posted the profiles of 10 children on a dark web page alongside a “Data Leakage Roadmap” threatening that their next action would be to “release 30 more ‘profiles’ of each child and 100 employees’ private data.”
The London Metropolitan Police is investigating. Kido’s data was accessed through a breach of another software company, Famly, which is primarily used by childcare organisations.
“This malicious attack represents a truly barbaric new low, with bad actors trying to expose our youngest children’s data to make a quick buck,” said Famly boss Anders Laustsen.
The data posted of the 10 children includes names, photographs, their birthdate, birthplace, gender, carer information, and contact details. Astonishingly, Radiant has managed to plumb the depths even further than this: one mother received a phone call she described as “threatening,” and was told her child’s information would be posted unless she pressured Kido to pay the ransom.
“We’re in the digital age now where everything’s online and I think you go into this knowing that there is a risk that at some point this could happen,” said Sean, who has a child at a Kido nursery.
“Any parents that are getting angry should probably direct their anger towards the scumbags that have actually done it. You only see the people that run your nursery, and all of them are great. And these poor people are the ones getting the brunt of it on the front line.”
The BBC managed to contact Radiant through a now-deleted Signal profile. The group said it had hired other people to make the calls. Asked if they feel any guilt about their actions, they responded:
“We do it for money, not for anything other than money. I’m aware we are criminals. This isn’t my first time and will not be my last time.”
Well, let’s hope that the Met can do something about ensuring it is this person’s last time. We’re all used to cyber attacks in the news, and this certainly isn’t the first time a group of criminals has chosen a morally bankrupt target. But doxxing nursery-age children? Even other cyber criminals must feel that such depravity is giving them a bad name.
2025 games: This year’s upcoming releases
Best PC games: Our all-time favorites
Free PC games: Freebie fest
Best FPS games: Finest gunplay
Best RPGs: Grand adventures
Best co-op games: Better together
This situation is truly concerning and highlights the serious risks associated with data security. It’s alarming to think about the impact on the children and families involved. Hopefully, there will be swift action taken to address this breach and protect the affected individuals.
I completely agree; it’s alarming to see how vulnerable even children’s data can be. Itโs a reminder of the importance of robust cybersecurity measures, especially for institutions that handle sensitive information. We need to advocate for better protections to prevent such breaches in the future.
Absolutely, it really highlights the importance of cybersecurity in all sectors, especially those involving children. It’s concerning how easily personal information can be exploited, and it makes you wonder what measures can be taken to better protect sensitive data in the future.
child care. It’s shocking to see how vulnerable even the most innocent places can be. This incident serves as a wake-up call for all organizations to prioritize robust security measures to protect sensitive information. Implementing regular security audits could be a crucial step in preventing such breaches.
Absolutely, it really highlights the importance of cybersecurity in all sectors, especially those involving children. It’s a wake-up call for nurseries and similar institutions to invest in stronger protective measures to safeguard sensitive information.
childcare. It’s alarming to think about how vulnerable sensitive information can be, particularly when it involves children. Strengthening security measures and educating staff about data protection could make a significant difference in preventing such breaches in the future.