Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The Radiant ransomware group has threatened to publish the personal data of more than 8,000 kids in a data breach of the Kido International group.
The personal details of 20 young children – including their photos – were recently posted to the darknet after a newly emerged ransomware gang said it was behind the hack of Kido International’s chain of UK-based childcare centres.
The group, calling itself Radiant, first listed details of the attack on 24 September, sharing a timeline of its “data leakage roadmap” and the images and details of 10 children under the age of five.
Radiant claims that Kido Schools is being “non-compliant”, leading the hackers to escalate their rhetoric and threats.
“We currently possess sensitive data on over 8000+ children + their relatives, grandparents, aunties, uncles, parents. (Everyone!) + all employees and company data,” Radiant said in its leak post.
“We’ve provided samples for you below. This does NOT include any accident reports, safeguarding reports, billing or anything in bulk yet as we’re giving kido a chance.”
Now, the group has shared the details of 10 more children, along with a sample list of Kido Schools employee details, which includes full names, dates of birth, national insurance numbers, and home addresses.
Like many similar criminals, Radiant said it is owed “compensation for our pentest”. However, following intense media scrutiny of the hackers’ actions, it has now at least blurred the images of the children it has so far shared.
“Due to recent backlash we’ve decided ALL photos from now on will be blurred, data remains. More is coming soon,” Radiant said.
Kido has confirmed it is responding to a cyber incident.
“We recently identified and responded to a cyber incident. We are working with external specialists to investigate and determine what happened in more detail,” a Kido spokesperson said in a statement.
“We swiftly informed both our families and the relevant authorities and continue to liaise closely with them.”
According to correspondence with impacted families, the initial breach was via a third-party software provider, Famly, which many nurseries and childcare operators use to communicate with clients. Famly is also investigating the breach.
“We have conducted a thorough investigation of the incident and can confirm that there has been no breach of Famly’s security or infrastructure in any way and no other customers have been affected,” Anders Laustsen, the chief executive of Famly, said.
“We of course take data security and privacy extremely seriously at Famly.”
Several parents told the BBC they had already received aggressive phone calls from the hackers, threatening to post the details of their children unless they apply pressure to Kido to pay the ransom.
The BBC, in turn, has been in contact with the hackers, who said they are in it purely for the money.
Little is known about Radiant, other than that while skilled in English, it is likely not their first language. Kido Schools is the gang’s only victim at this point in time.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
