"This malicious attack represents a truly barbaric new low."

A hacking group calling itself Radiant has compromised a UK nursery chain called Kido, and is threatening to release the data it accessed unless a ransom is paid (first reported by the BBC). On Thursday it posted the profiles of 10 children on a dark web page alongside a “Data Leakage Roadmap” threatening that their next action would be to “release 30 more ‘profiles’ of each child and 100 employees’ private data.”

The London Metropolitan Police is investigating. Kido’s data was accessed through a breach of another software company, Famly, which is primarily used by childcare organisations.

“This malicious attack represents a truly barbaric new low, with bad actors trying to expose our youngest children’s data to make a quick buck,” said Famly boss Anders Laustsen.

The data posted of the 10 children includes names, photographs, their birthdate, birthplace, gender, carer information, and contact details. Astonishingly, Radiant has managed to plumb the depths even further than this: one mother received a phone call she described as “threatening,” and was told her child’s information would be posted unless she pressured Kido to pay the ransom.

“We’re in the digital age now where everything’s online and I think you go into this knowing that there is a risk that at some point this could happen,” said Sean, who has a child at a Kido nursery.

“Any parents that are getting angry should probably direct their anger towards the scumbags that have actually done it. You only see the people that run your nursery, and all of them are great. And these poor people are the ones getting the brunt of it on the front line.”

Person typing on a laptop with red and blue lighting

(Image credit: Westend61)

The BBC managed to contact Radiant through a now-deleted Signal profile. The group said it had hired other people to make the calls. Asked if they feel any guilt about their actions, they responded:

“We do it for money, not for anything other than money. I’m aware we are criminals. This isn’t my first time and will not be my last time.”

Well, let’s hope that the Met can do something about ensuring it is this person’s last time. We’re all used to cyber attacks in the news, and this certainly isn’t the first time a group of criminals has chosen a morally bankrupt target. But doxxing nursery-age children? Even other cyber criminals must feel that such depravity is giving them a bad name.

2025 games: This year’s upcoming releasesBest PC games: Our all-time favoritesFree PC games: Freebie festBest FPS games: Finest gunplayBest RPGs: Grand adventuresBest co-op games: Better together

From PCGamer latest via this RSS feed