A cyberattack on the Kido nursery chain has resulted in the theft of personal information belonging to approximately 8,000 children. Reports indicate that a criminal gang stole names, addresses, and pictures, and has demanded a ransom from the company. Kido, which operates 18 sites in London as well as locations in the U.S., India, and China, has not yet confirmed the hackers’ claims or released a public statement.
In addition to the children’s data, the hackers claim to have also accessed sensitive information about parents and carers, including personal details and safeguarding notes. The criminals have reportedly contacted some of the affected families directly via phone as part of their extortion attempt. The company has yet to publicly address these claims.
An employee at one of the London nurseries confirmed to the BBC that staff had been informed of a data breach. However, Kido has not officially verified the extent of the attack or the specific data that was compromised. The silence from the company has left many questions unanswered for both staff and affected families.
The Metropolitan Police have confirmed they received a referral on Thursday regarding a ransomware attack on a London-based organization. The Met’s cybercrime unit is currently investigating the incident, but no arrests have been made. The case is still in its early stages.
The Information Commissioner’s Office (ICO) has also been notified of the incident. A spokesperson for the ICO stated that Kido International has reported the attack, and the office is now in the process of assessing the information provided. This step is part of the standard procedure for data breaches to determine the appropriate course of action and ensure the company is taking necessary steps to protect affected individuals.
Reference:
