Two young men—a 17-year-old and a 22-year-old—were arrested for a cyber-attack on Kido, a nursery chain in London. The Metropolitan Police took them into custody after they were suspected of computer misuse and blackmail. The hackers allegedly stole sensitive information, including names and photos of around 8,000 children.
This incident came to light after the police received a report from Action Fraud, a cybercrime reporting service, detailing a ransomware attack on September 25. The nursery is currently working with specialists to investigate the breach.
Will Lyne, the head of Economic and Cybercrime at the Metropolitan Police, acknowledged the anxiety such incidents can cause. He emphasized that these arrests signal progress in the investigation, but the police’s work is ongoing.
The attack began earlier, when hackers known as Radiant sought to extort Kido for approximately £600,000 in Bitcoin. They first gained media attention on September 22. As part of their scheme, they threatened to release images and profiles of children unless the ransom was paid.
In an unusual twist, some of the stolen images were blurred before being shared online. On October 2, the hackers claimed they had deleted all the stolen data from their darknet site, stating to parents that they could rest easy.
Cybersecurity experts have described this case as particularly alarming, as it highlights new lows in cybercrime by targeting vulnerable communities, such as children and their families. In a survey conducted by Cybersecurity Ventures, it’s shown that the cost of cybercrime is expected to reach $10.5 trillion annually by 2025, reinforcing the urgency for better security measures.
Kido has not provided details on how the breach occurred but did notify affected families swiftly after identifying the incident. Parents and guardians can be understandably concerned, as incidents like these can shake their sense of security.
For more on cybersecurity awareness, visit the Cybersecurity & Infrastructure Security Agency (CISA).
