Kido nursery data breach

London Police Arrest Teenagers in Kido Nursery Data Breach and Child Doxing Case

London’s Metropolitan Police have arrested two 17-year-old boys in connection with the Kido nursery data breach, a disturbing cyberattack that exposed sensitive data and photographs of thousands of children enrolled in nurseries across Greater London. The arrests, carried out at residential addresses in Bishop’s Stortford, Hertfordshire, mark a major step forward in an investigation that has caused widespread fear among families.

kido nursery

The suspects are being held on suspicion of blackmail and computer misuse following weeks of inquiries by specialist cybercrime units. Police confirmed the operation comes after the September 25 cyberattack that targeted the systems of the Kido nursery chain, which operates 18 sites across London and provides services for over 15,000 families worldwide.

Details of the Kido Nursery Data Breach

According to investigators, the hackers behind the attack exfiltrated personal information belonging to approximately 8,000 children. The stolen data included names, home addresses, and photographs. To demonstrate their access and apply pressure, the hackers posted the profiles of 10 children online and threatened to release more unless their ransom demands were met. Parents also reported receiving threatening phone calls in the days following the incident.

The group claiming responsibility, identified as the Radiant Group, declared on their dark web site that they were in possession of extensive files on “over 1000+ children,” including information on parents, relatives, employees, and company data. While the hackers eventually removed the files on October 2 after their extortion attempts failed, the damage had already been done, and families were left shaken by the exposure of such sensitive information.

How the Breach Happened

Kido later disclosed that the compromised data was stored on Famly, a third-party childcare management platform widely used by nurseries to share photos and updates with parents. Following the breach, Famly’s CEO Anders Laustsen issued a statement assuring parents that the company’s systems had not been directly compromised. “We have conducted a thorough investigation of the incident and can confirm that there has been no breach of Famly’s security or infrastructure in any way and no other customers have been affected,” Laustsen said. He also emphasized that protecting children’s privacy remains a top priority for the company.

The breach highlighted the risks involved when schools and childcare providers rely heavily on third-party platforms for storing and sharing personal data. Even when infrastructure itself is not compromised, attackers can still gain access through compromised credentials, misconfigurations, or other vulnerabilities in the supply chain.

Police and Government Response

Authorities have described the incident as one of the most distressing cybercrimes in recent years. Will Lyne, Head of Economic and Cybercrime at the Metropolitan Police, said: “Since these attacks took place, specialist Met investigators have been working at pace to identify those responsible. These arrests are a significant step forward in our investigation, but our work continues, alongside our partners, to ensure those responsible are brought to justice. We understand reports of this nature can cause considerable concern, especially to those parents and carers who may be worried about the impact of such an incident on them and their families.”

The UK’s National Cyber Security Centre (NCSC) also issued a statement, with Jonathon Ellison, Director for National Resilience, describing the incident as “deeply distressing” and underscoring the urgent need for childcare institutions to adopt stronger security measures.

Trend of Teenage Hackers

This case reflects a growing trend of teenagers being implicated in high-profile cyberattacks across the UK. In recent years, several young suspects have been arrested for their roles in incidents targeting major companies and organizations, including M&S, Co-op, Harrods, and even Transport for London. Experts say that the rise of younger hackers is linked to the accessibility of hacking tools, underground forums, and ransomware-as-a-service platforms, which make it easier for inexperienced individuals to launch significant cyberattacks.

The arrests in the Kido nursery data breach further highlight the troubling involvement of youth in cybercrime, particularly in cases involving ransomware, extortion, and child doxing. Authorities warn that even teenagers are now capable of carrying out complex attacks with devastating real-world consequences.

Impact on Families and Next Steps

For affected families, the incident has been described as terrifying. The idea that photographs and personal details of children could be publicly exposed has raised serious concerns about safety, privacy, and long-term risks. Child protection experts warn that once such data is leaked, it can never be fully contained and may resurface in other forums or be misused in the future.

The Kido nursery chain has since strengthened its communication with parents and continues to cooperate with investigators. While the immediate threat from the Radiant Group appears to have been contained, the wider concerns around cybersecurity in childcare settings remain unresolved.

Police continue to investigate the full extent of the breach and whether others may have been involved. For now, the arrests mark progress, but families and cybersecurity experts alike stress that the case should serve as a wake-up call about the vulnerabilities facing schools, nurseries, and educational providers in the digital age.

The Kido nursery data breach is a chilling example of how cybercrime can impact even the youngest members of society, and why protecting sensitive data must remain a top priority for organizations of all sizes.

Sean Doyle

Sean is a distinguished tech author and entrepreneur with over 20 years of extensive experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and various other tech domains. His expertise and contributions to the industry have been recognized in numerous esteemed publications. Sean is widely acclaimed for his sharp intellect and innovative insights, solidifying his reputation as a leading figure in the tech community. His work not only advances the field but also helps businesses and individuals navigate the complexities of the digital world.

More Reading

Post navigation

Leave a Comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.