Protecting Our Schools: Insights from the Recent Nursery Chain Cyber Attack

Again, yet another cyber attack has rattled the gates of our schools, this time targeting a trusted nursery chain and exposing the most vulnerable among us. In an era where digital tools power teaching, learning, and child safeguarding, every breach isn’t just a data loss; it’s a breach of trust that echoes through families and communities.

An alarming cyber incident hit Kido International, a London-based nursery chain, when hackers claiming to be the “Radiant” group stole names, addresses and photos of around 8,000 children and posted samples on the dark web. They’re now demanding a ransom to keep the rest of the data offline, leaving parents and staff reeling from an unprecedented breach of trust

What Happened

Hackers accessed Kido’s systems and exfiltrated sensitive data, including safeguarding notes and family contact details, before leaking images of ten children online. The Met Police confirmed they received a referral on 25 September following reports of a ransomware attack on the organisation, and the Information Commissioner’s Office is actively assessing the incident.

Impact on Families and Staff

For parents, seeing their children’s photos and personal details traded as digital currency has been especially harrowing. Cybersecurity expert Graeme Stewart called it “a new low,” condemning the attack as “indefensible” and highlighting how targeting children’s data crosses an ethical line. Nurseries and schools now face the challenge of restoring trust while safeguarding vulnerable populations.

Lessons for Educational Institutions

This breach underlines that no organisation is too small or too “innocent” to be targeted. Schools and childcare providers must:

• Understand their data landscape: map where children’s records, images and safeguarding notes are stored

• Implement strict access controls: enforce least-privilege and multifactor authentication for staff systems

• Encrypt sensitive data at rest and in transit: ensure stolen files remain unreadable without decryption keys

Essential Preventive Measures

1. Incident response plan: test and rehearse your playbook so everyone knows their role if an attack occurs

2. Regular backups and offline archives: maintain immutable copies of critical data to restore services quickly

3. Security awareness training: educate all employees, not just IT, on phishing, social engineering and data handling

4. Third-party risk assessments: verify that vendors and partners adhere to your security requirements

Turning Crisis into Opportunity

While the Kido incident has shaken parents and staff, it offers a wake-up call. By embedding robust cyber hygiene, rigorous access controls and a culture of security awareness, nurseries and schools can not only defend against future attacks but also demonstrate to families that protecting their children’s data is non-negotiable.