British police have arrested two men, aged 17 and 22, in connection with a cyberattack on London-based nursery chain Kido International. The charges relate to computer misuse and blackmail. This is another in a series of ransomware incidents recently affecting key services in the UK, this time hitting an extremely sensitive target – the data of young children.
The case is being investigated by the London Metropolitan Police’s Cyber Crime Unit. The arrests were made in the town of Bishop’s Stortford. The attack, which was claimed by a group identifying itself as Radiant, resulted in the theft of the data of more than 8,000 children attending 18 Kido institutions in London. The hackers did not disclose the amount of the ransom demanded.
In order to prove their claims, cyber criminals published highly sensitive information on ten children on the darknet – including their names, photos, home addresses and family contact details. The incident has raised serious concerns about data protection and the safety of the youngest children.
The attack on Kido is part of a growing trend of hitting so-called ‘soft targets’, i.e. organisations with sensitive data, but often with insufficient security. For IT companies, it is another sign that securing critical infrastructure, including educational and medical facilities, is becoming an absolute priority. UK law enforcement agencies, responding to a series of attacks this year, have stepped up action against ransomware groups, demonstrating that cybercrime is becoming one of the key challenges to national security.
