Sep 29, 2025 12:11:00

A nursery school was hacked by 'Radiant' and the personal information of 10 children was leaked online, and an emergency situation was created in which photos and personal information of thousands of children were threatened to be made public

Kido , a UK nursery chain, has been hit by a cyber attack by a hacker group known as Radiant , putting the personal information of thousands of children at risk of being leaked online.

Kido nursery hackers threaten to publish more children's profiles | Cybercrime | The Guardian
https://www.theguardian.com/technology/2025/sep/26/kido-nursery-hackers-radiant-threaten-publish-children-profiles

Hackers 'behind nursery cyber attack' tell Sky News they are releasing more data on dozens of children | UK News | Sky News
https://news.sky.com/story/hackers-behind-nursery-cyber-attack-tell-sky-news-they-are-releasing-more-data-on-dozens-of-children-13438696

Data on more than 8,000 children stolen in nursery hack, UK media reports - KYMA
https://kyma.com/news/2025/09/26/data-on-more-than-8000-children-stolen-in-nursery-hack-uk-media-reports/

A hacker group calling itself 'Radiant' hacked Kido, a UK-based nursery chain. Radiant published the profiles of 10 children online on September 25, 2025 local time. The profiles reportedly included the children's names, birth dates, birth places, addresses and phone numbers of their parents, grandparents and guardians.

Radiant's dark web website, which publishes victim data on the dark web, lists a 'data breach roadmap' that states, 'Future steps include leaking 30 additional records per child and the personal information of 100 employees.' Radiant also claims to have sensitive data on more than 8,000 children and their families, and that 'all children attending Kido-operated nurseries in the UK are affected.'

The Radiant post was written in English, but the expression was 'slightly awkward,' suggesting that it may have been the work of a user outside of Europe, The Guardian points out.

Regarding negotiations with Kido, Radiant's leak site states, 'As we slowly leak the personal information of the children, Kido as a whole will be destroyed. We are urging them to continue the dialogue.'

A Kido spokesperson told The Guardian: 'We were made aware of a recent cyber incident and have responded to it. We are working with external experts to conduct a detailed investigation and determine the cause of the incident. We have immediately contacted the family and the relevant authorities and will continue to work closely with them.'

Kido said it is working with the UK's

Information Commissioner's Office (ICO) and Ofsted, the education standards audit agency, and that the Metropolitan Police is handling the investigation.

The Guardian has been in contact with Kido CEO Katherine Stoneman, who explained that the company is treating the incident as a 'high priority' and is working to address it, including by bringing in independent IT forensic experts for a potentially complex and lengthy investigation. Stoneman also explained that the security breach 'originates from two third-party systems used to process certain data.'

Kido is a nursery chain with 18 locations around London, UK, as well as locations in the US, India, and China. Kido has notified parents that a data breach occurred when criminals accessed data hosted on a software service called ' Family ,' which is used by nurseries to share photos and information with parents.

Family CEO Anders Laustsen said, 'After conducting a thorough investigation into this incident, we can confirm that there was no breach of Family's security or infrastructure and that there is no impact on other customers. Of course, Family takes data security and privacy extremely seriously,' suggesting that the cyber attack did not affect Family's systems.

The BBC reported that an anonymous parent of a child who was a victim of the attack said they received threatening phone calls from the perpetrators, who threatened to publish their child's personal information online unless they pressured Kido to pay the ransom.

Sean, whose child attends Kido nursery in Tooting, southwest London, told The Guardian: 'While neither I nor any of my friends have heard directly from the nursery that their children's personal information has been leaked, it's still worrying.'

Sean said that while using Familyly to get real-time information like 'what your child has eaten' is very valuable, he acknowledges that cyberattacks are an unavoidable risk when using an app. He also said that it's 'unfortunate' that Kido's childcare workers are bearing the brunt of complaints, when it's the app provider that should be held accountable.

The BBC reported that they managed to communicate with members of Radiant using the messaging app Signal, and received a message from them saying, 'It's all about money. Nothing but money. We know we're criminals. This isn't the first time, and it won't be the last.'