Hackers are threatening to release more sensitive data after breaching Kido, a UK-based nursery chain, and exposing the personal details of thousands of children and staff.
The cybercriminal group, calling itself Radiant, has already published profiles of 10 children on the dark web.
The leaked information included names, dates of birth, addresses, and contact details of parents and guardians.
The gang claims to possess data on more than 8,000 children and families, along with staff records, accident reports, safeguarding documents, and billing details.
They warned that unless Kido engages with them, they will gradually leak more, including 30 additional child profiles and information on 100 employees.
A cybersecurity briefing described Radiant as a new group in the cybercrime world, “testing the boundaries of morality and deprivation.”
While their online posts show strong English, experts suggest they may be non-Western due to linguistic quirks.
Kido, which runs 18 nurseries in London and more internationally, is working with the Metropolitan Police, Ofsted, and the Information Commissioner’s Office.
In an email to parents, UK chief executive Catherine Stoneman said the breach came from two third-party systems and not Kido’s infrastructure.
She assured families that only those contacted directly had data confirmed as compromised.
One of the third-party platforms, Famly, widely used by nurseries to share photos and updates, denied any breach of its systems. Chief executive Anders Laustsen said no other customers were affected.
Parents expressed fear and frustration. One mother reported receiving a threatening call from the hackers. A father in Tooting criticised Kido for limited communication, though he acknowledged the risks of digital apps.
Police have urged firms not to pay ransoms, warning it fuels further attacks. Cyberattacks on UK companies are becoming increasingly common.