September 25, 2025: The London Metropolitan Police received reports of a ransomware attack on Kido nurseries.Hackers gained access to personal data of children enrolled at multiple locations.Some of the stolen data—photos, names, and addresses—has been leaked on the dark web.The UK’s National Cyber Security Centre called the incident “deeply troubling,” and investigations are ongoing.

Children’s data is permanent: Birth dates, names, and early records can’t be changed. Exposure can impact identity safety for years.Identity theft risks: Criminals can build fake identities using stolen data to open accounts or commit fraud.Psychological harm: Exposure of children’s personal details and photos creates risk of exploitation and emotional trauma.Erosion of trust: Parents place faith in nurseries and schools; breaches damage that trust.

Confirm Exposure: Contact your child’s nursery to ask if their records were part of the breach.Watch for Phishing: Be cautious of emails or texts asking for verification or account info—attackers may pose as trusted institutions.Limit Sharing Online: Avoid posting identifiable details of your child (school names, addresses, dates of birth).Document Suspicious Activity: Keep evidence of any unusual messages or attempted identity misuse.

Encrypt sensitive data both in storage and transmission.Enforce role-based access control so only essential staff can access student records.Use multi-factor authentication and advanced logging for staff accounts.Conduct regular cybersecurity training for staff.Prepare and test an incident response plan so they can respond quickly to threats.

Forensic investigation into how attackers entered and what data was accessed.Evidence packages for law enforcement, regulators, and courts.Liaison with authorities to ensure institutions and families get support.Remediation and hardening plans to close vulnerabilities and prevent repeat attacks.Education programs for schools, nurseries, and parents on safe data practices.