Image: Kido Schools
Hackers claim to have stolen the names, pictures, and addresses of approximately 8,000 children from the Kido nursery chain. Kido operates 18 sites in and around London, with additional locations abroad.It operates 39 nurseries across India, additional locations in China, and nine sites in the US, six in Houston, two in Austin, and one in Chicago, as per the Daily Mail. The cybercriminals are reportedly using the sensitive data, which also includes information about the children’s parents, carers, and safeguarding notes, to demand a ransom.Cybersecurity firm Check Point described the targeting of nurseries as “an absolute new low.”The cybercriminals reached out to the BBC regarding the hack and have since posted details on their darknet website.They shared a sample of the stolen data, including pictures and profiles of 10 children. The release is part of their attempt to extort money from the nursery chain, which operates 18 locations, primarily in the London area.When asked if they felt any remorse for extorting a nursery using children’s data, the hackers responded that they “weren’t asking for an enormous amount” and that they “deserve some compensation for our pentest,” as reported by the BBC. A “pentest,” or penetration test, refers to when ethical hackers are hired to evaluate an organization’s security in a controlled and professional manner.The company has not publicly confirmed the hackers’ claims or issued a statement regarding the incident.Jonathon Ellison from the National Cyber Security Centre called the hack “deeply distressing.”
