The impact of a recent ransomware-related cyber-attack on Kido, a rapidly growing nursery chain with 18 facilities mostly in London, illustrates this. This particular attack exposed sensitive data belonging to innocent children and their families. Cybersecurity experts and parents alike are reeling from the breach. It highlights the shortcomings in safeguarding children’s personal data.
Rebecca Moody, Comparitech’s head of data research, told “alarm bells” were ringing over the type of data shared online. She reiterated that what’s happening requires urgent, concerted action. The breach highlights a worrisome path in large-scale cyber-attacks against groups that handle complex data. Kido also runs worldwide nurseries in the United States and India, further multiplying the possible impact of this unfortunate incident.
Mary, one of the parents most directly affected by the breach, was shocked to receive this email from the hackers. The message explained the data they had stolen. The lack of encryption software used by Kido has drawn criticism, with Mary stating, “It’s not ideal of course, we would rather they had been using some sort of encryption software.” Her worries tap into a deepening national anxiety among parents about data protection in settings that provide care to minors.
The National Cyber Security Centre’s Jonathon Ellison characterized the hack as “deeply distressing.” He furthered underlined the point that direct cyber criminals do not care who they attack, only that their attack can be profitable. He added that targeting institutions created to protect our children is most egregious. This rationale is part of an insidious pattern, unfortunately. Some other high profile attacks have forced the shutdown of major businesses including Jaguar Land Rover, M&S and the Co-op.
Graeme Stewart, a cybersecurity expert, condemned the actions of the hackers, stating that it was “indefensible to deliberately put children and schools in the firing line.” Such sentiments strike a chord with Bryony Wilde, who told us about her disgust at what happened. She remarked, “They are kids – their personal details shouldn’t be worth anything,” emphasizing the innocence of the young victims involved.
Unfortunately, the Kido hack is only the latest in a recent, sinister trend. This is particularly true in the wake of disruptive attacks targeting health care, education, and other critical infrastructure sectors. These events have highlighted dangerous trends in data protection practices across public and private sectors, leading to demands for stronger security standards and accountability.
Rebecca Moody further highlighted the severity of the Kido attack, mentioning, “We’ve seen some low claims from ransomware gangs before, but this feels like an entirely different level.” Her description points to a dangerous new low in the attacking methods employed by cybercriminals. The alarming news begs troubling questions on how organizations can better protect sensitive information.
