Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
UK Police have arrested two individuals in connection with a cyber attack on a chain of London nurseries.
Last month, the Radiant ransomware group threatened to publish the personal data of more than 8,000 kids in a data breach of the Kido International group.
Now, two 17-year-olds have been arrested at their residential addresses in Bishop’s Stortford, Hertfordshire, by the London Metropolitan (Met) Police, under suspicion of blackmail and computer misuse as part of the Kido cyber attack.
“Since these attacks took place, specialist Met investigators have been working at pace to identify those responsible,” said Met’s head of economic and cyber crime, Will Lyne.
“We understand reports of this nature can cause considerable concern, especially to those parents and carers who may be worried about the impact of such an incident on them and their families.”
The police said they were sent a referral from Action Fraud detailing the cyber attack on the London nursery chain.
“We want to reassure the community and anyone affected that this matter continues to be taken extremely seriously.
“These arrests are a significant step forward in our investigation, but our work continues, alongside our partners, to ensure those responsible are brought to justice,” Lyne said.
Background
The personal details of 20 young children – including their photos – were posted to the darknet after a newly emerged ransomware gang said it was behind the hack of Kido International’s chain of UK-based childcare centres.
The group, calling itself Radiant, first listed details of the attack on 24 September, sharing a timeline of its “data leakage roadmap” and the images and details of 10 children under the age of five.
Radiant claims that Kido Schools is being “non-compliant”, leading the hackers to escalate their rhetoric and threats.
“We currently possess sensitive data on over 8000+ children + their relatives, grandparents, aunties, uncles, parents. (Everyone!) + all employees and company data,” Radiant said in its leak post.
“We’ve provided samples for you below. This does NOT include any accident reports, safeguarding reports, billing or anything in bulk yet as we’re giving kido a chance.”
Following backlash, Radiant blurred the images of the children, but kept data samples viewable. The group maintains that it is simply seeking “compensation for our pentest”.
According to BBC reports, several parents had already received aggressive phone calls from the cyber criminals, threatening them to pressure Kido into paying a ransom, or that otherwise the data of their children would be posted on the dark web. The BBC added that Radiant claimed its motive was purely financial.
Kido confirmed that it was dealing with a cyber security incident.
“We recently identified and responded to a cyber incident. We are working with external specialists to investigate and determine what happened in more detail,” a Kido spokesperson said in a statement.
“We swiftly informed both our families and the relevant authorities and continue to liaise closely with them.”
According to correspondence with impacted families, the initial breach was via a third-party software provider, Famly, which many nurseries and childcare operators use to communicate with clients. Famly is also investigating the breach.
“We have conducted a thorough investigation of the incident and can confirm that there has been no breach of Famly’s security or infrastructure in any way and no other customers have been affected,” Anders Laustsen, the chief executive of Famly, said.
“We, of course, take data security and privacy extremely seriously at Famly.”
Be the first to hear the latest developments in the cyber industry.
