Hackers steal pictures, names and address of kids from nursery chain

Have you been affected by the cyber attack? Please email: tips@dailymail.co.ukBy MARK DUELL, DEPUTY CHIEF REPORTER (DIGITAL) Published: 15:26 BST, 25 September 2025 | Updated: 15:50 BST, 25 September 2025

The pictures, names and addresses of around 8,000 children have been stolen from the Kido nursery chain, hackers claimed today amid an extraordinary cyber attack.Cyber criminals said they were using the details to demand a ransom for the company, which has 19 UK sites - 18 in Greater London and another in Windsor.Kido also operates 39 nurseries across India and others in China as well as nine sites in the US - six in Houston, two in Austin and one in Chicago. The hackers claim to have safeguarding notes and details about the children's parents and carers - and got in touch with BBC News about their actions. They have allegedly contacted some parents by phone and are trying to extort money from the nursery chain, which runs services for children as young as six months old.The hackers told the BBC they 'weren't asking for an enormous amount' although it was 'of course' about money - and 'deserve some compensation for our pentest'.A 'pentest' refers to a so-called penetration test, when ethical hackers are hired to check the security of an organisation by carrying out a simulated cyber attack.Kido has not issued a statement on the claims, but an employee confirmed they had been told of a data breach. The Daily Mail has contacted the firm for comment. Details relating to around 8,000 children have been stolen from a nursery chain (stock image)Kido's nurseries across London include central sites in Waterloo and Clerkenwell as well as locations in upmarket suburbs such as Chiswick and Fulham. Fees vary between nurseries, but are estimated at the Chiswick site at around £2,000 a month for a child going in for a full day (8am to 6pm) for five days a week without working family funding.Reacting to the attack, cyber security expert Graeme Stewart, head of public sector at Check Point Software, told the Mail today: 'This is an absolute new low.'These attacks follow a familiar playbook: breaking in, stealing data and deploying ransomware. 'The use of children's images and details takes it to a shocking level. Cybercriminals are driven by money, not morals. They do not care if the collateral damage is a pre-school, a hospital or a global company.'To deliberately put children and schools in the firing line, as we saw when the Harris Federation was taken offline, is indefensible. Frankly, it is appalling.'Mr Stewart was referring to an incident in 2021 when a ransomware attack on the Harris Federation of schools left 37,000 pupils unable to access their email.Earlier today, the Co-operative Group revealed it slumped to a half-year loss after taking an earnings hit of around £80million from a 'malicious' cyber attack in April.It was also revealed that the Government could step in to help keep Jaguar Land Rover suppliers trading after the car maker halted production due to a cyber attack.And passengers faced disruption at several European airports over the weekend after a cyber attack targeted a service provider for check-in and boarding systems.Have you been affected by the cyber attack? Please email: tips@dailymail.co.uk