In a startling development that has left cybersecurity experts baffled, the hackers responsible for compromising Kido Nursery's sensitive data have announced they've permanently destroyed the stolen information.
The Unexpected Reversal
The cybercriminal group, which had previously threatened to expose highly personal family data including children's names, photographs, and medical information, now claims to have deleted everything. This dramatic U-turn comes after the hackers failed to secure a ransom payment from the nursery group.
"We don't see a reason to keep the data," the hackers stated in their message, adding they had "permanently deleted all the data we have stolen" and would not be publishing it online.
Ongoing Fallout for Affected Families
Despite the hackers' claims, the breach has already caused significant distress to thousands of families across multiple countries. The attack compromised:
- Children's personal information and photographs
- Parental contact details and addresses
- Medical records and allergy information
- Financial payment records
Kido, which operates 17 nurseries across London and the southeast, continues to work with cybersecurity experts and law enforcement to assess the full extent of the damage.
Security Questions Remain Unanswered
While the data deletion announcement may provide some relief to affected families, cybersecurity professionals remain cautious. There is no independent verification that the data has been completely destroyed, and experts warn that copies could still exist elsewhere.
The incident highlights the growing vulnerability of educational and childcare institutions to sophisticated cyber attacks, raising urgent questions about data protection standards in the sector.
