London Police Arrest Suspects in Nursery Data Breach, Child Doxing Case

London’s Metropolitan Police have taken two teenagers into custody as part of a major investigation into the online exposure of children’s personal information. This case stems from a ransomware attack that compromised a well-known nursery chain, leading to the theft and publication of sensitive data belonging to young children and their families.

The two 17-year-old suspects were apprehended at their residences in Bishop’s Stortford, Hertfordshire. Authorities are investigating them for alleged blackmail and violations of computer misuse laws. While police have not released extensive details about the cyber incident, the timing and nature of the attack correspond with a late September breach affecting Kido nurseries across Greater London. Kido International operates facilities trusted by more than 15,000 families throughout the UK, United States, India, and China.

Following the security breach, a cybercrime organization identifying itself as Radiant Group claimed responsibility. The group asserted it had stolen private data and photographs of more than 1,000 children. In an attempt to extort money from the nursery chain, the hackers published some children’s pictures and home addresses on their dark web platform. The criminals explicitly stated they possessed extensive sensitive information about the children, their family members, nursery employees, and corporate data.

By early October, the attackers removed the leaked files after their extortion attempts proved unsuccessful. The group had made threatening communications directly to parents of the affected children before taking down the data.

Kido management later disclosed that the compromised children’s information had been stored with Famly, a software platform that enables nurseries to securely share updates and photographs with parents. Famly’s chief executive, Anders Laustsen, emphasized that their own security systems remained uncompromised. “Our comprehensive investigation confirms that no breach occurred within Famly’s infrastructure, and no other customers were impacted,” Laustsen stated. “We maintain an unwavering commitment to data security and privacy protection.”

The incident drew strong condemnation from cybersecurity authorities. Jonathon Ellison, the UK National Cyber Security Centre’s Director for National Resilience, characterized the attack as profoundly disturbing.

Will Lyne, who leads the Metropolitan Police’s Economic and Cybercrime unit, addressed public concerns in an official statement. “Since these criminal activities were first reported, our specialized investigators have worked tirelessly to identify the perpetrators. We recognize that news of this nature generates significant anxiety, particularly among parents and caregivers worried about potential consequences for their families,” Lyne explained. “We want to assure everyone affected that we are treating this case with the utmost seriousness. While these arrests represent crucial progress, our investigation continues in collaboration with partner agencies to ensure accountability for those responsible.”

These arrests reflect an emerging pattern of teenage involvement in sophisticated cybercrimes across the United Kingdom. Earlier this year, law enforcement detained multiple young individuals connected to digital breaches targeting major organizations including Marks & Spencer, the Co-op, and Harrods department stores. Additional teenagers have faced accusations of compromising Transport for London’s computer systems, highlighting growing concerns about youth engagement in high-profile cyber offenses.

(Source: Bleeping Computer)