Hackers threaten parents: Get nursery to pay ransom or we leak your child’s data | Malwarebytes

A ransomware group called “Radiant” has stolen data on approximately 8,000 children from nursery chain Kido, which operates in the UK, US, China, and India, exposing names, photos, addresses, birth dates, parent information, safeguarding notes, and medical records. The attackers posted samples including pictures and profiles of ten children on their darknet site as proof, then demanded ransom payment while falsely claiming they “deserve compensation for our pentest” despite conducting illegal unauthorized access rather than legitimate penetration testing. The group escalated their extortion by directly calling parents to pressure them into convincing Kido to pay, threatening to leak their children’s data otherwise, echoing tactics used in the devastating Vastaamo psychotherapy breach that led to individual extortion, bankruptcy, and at least one linked suicide. Kido has contacted affected parents to confirm the incident while the investigation continues, with security experts recommending standard breach response measures including password changes, two-factor authentication, identity monitoring, and vigilance against follow-up phishing attacks that often impersonate legitimate companies in breach scenarios.​​​​​​​​​​​​​​​​