Callous crims break into preschool network, publish toddlers' data
- Reference: 1758820560
- News link: https://www.theregister.co.uk/2025/09/25/ransomware_gang_publishes_toddlers_images/
- Source link:
To verify the authenticity of the leak, we called affected parents who confirmed to us that the organization was aware of the situation, and that it had made parents aware too.
The ransomware crims, a new face known as the Radiant Group, claimed responsibility for the attack and this is the first leak on its dark web-based site.
[1]
Its extortion tactics in this case, which include publishing profiles of 10 children, complete with their images, names, and home addresses, along with their parents' contact details and in some cases places of work, are among the most aggressive ever deployed.
[2]
[3]
The Register contacted Kido International for comment, but did not receive a response by publication time.
The business specializes in advanced early years development programs and operates various sites across cities internationally. However, the affected individuals thus far appear to all be based in the UK.
[4]
The cybercriminals behind the group recently deleted an "About" section on its website, which formerly stated that it was a financially motivated ransomware operation that engages in double-extortion and single-extortion attacks, without the support of affiliates.
It described itself as an aggressive group that is intent on contacting domestic regulators to apply additional pressure, as well as contacting victims' associates and their investors, where applicable.
The Register contacted the UK's National Cyber Security Centre, National Crime Agency, and Information Commissioner's Office for a response, and we'll update this article if and when we receive one.
[5]
Alan Woodward, computer scientist and professor at the University of Surrey, said any organization that holds sensitive data such as this must go the extra mile to secure it, but it does not detach from the heinousness of the attack.
"Just when you think cybercriminals can't sink any lower, we see this kind of attack," he told The Register .
"Having seen the news that a death had occurred from the London hospital attack last year, then you see this, you wonder if these people are amoral or just plain evil.
"We all know that cyberattackers feel a degree of disinhibition working online, almost like they feel these are victimless crimes. This just shows how warped they are. Soft targets may be easy for them, but the impact is horrible.
"It's not just that they targeted this organization, but they then published the data. They knew damned well they were operating in the gutter.
"I can only hope the law, albeit that it can take some time, catches up with them and in the glare of public awareness they realize just what the general public thinks of such criminals."
Dray Agha, senior manager of security operations at Huntress, concurred.
He said: "This represents a reprehensible erosion of any remaining boundaries in the cybercriminal ecosystem. By weaponizing the personal data of infants and toddlers, this group has sunk to a depth that even other threat actors may condemn.
"From a negotiation standpoint, this attack effectively burns a bridge for the entire ransomware industry. Engaging with a group that demonstrates such blatant disregard for human decency is now an intolerable risk for any organization. This action will likely harden the stance of both victims and law enforcement, making [6]productive negotiations , even in extreme circumstances, almost impossible.
"It signals that some groups are now purely opportunistic predators, and the only viable strategy is to invest heavily in security prevention and rendering their tactics ineffective."
Horrible histories
Ransomware groups are known for their abhorrent tactics and remorselessness when the impact of their financially driven attacks goes beyond the pale.
From targeting [7]children's hospitals like Alder Hey , to leaking [8]pre-op surgery pictures from plastic surgeons' offices, a moral compass is not a quality often exhibited by these kinds of individuals.
Qilin's attack on Synnovis, a pathology services provider to NHS hospitals in London, last year resulted in thousands of missed appointments, altered procedures for cancer patients, and [9]one death , it was confirmed over the summer.
The group told The Register at the height of the healthcare chaos it caused that [10]it had no regrets over carrying out its attack. ®
Get our [11]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aNW7aEBEcGqeJ-wX_6ZiZwAAA0w&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aNW7aEBEcGqeJ-wX_6ZiZwAAA0w&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aNW7aEBEcGqeJ-wX_6ZiZwAAA0w&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aNW7aEBEcGqeJ-wX_6ZiZwAAA0w&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aNW7aEBEcGqeJ-wX_6ZiZwAAA0w&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2025/07/22/uk_to_ban_ransomware_payments/
[7] https://www.theregister.com/2024/11/29/inc_ransom_alder_hey_childrens_hospital/
[8] https://www.theregister.com/2023/10/25/rebuilt_hive_ransomware_gang_stings/
[9] https://www.theregister.com/2025/06/26/qilin_ransomware_nhs_death/
[10] https://www.theregister.com/2024/06/20/qilin_our_plan_was_to/
[11] https://whitepapers.theregister.com/
Re: Well...
Then maybe they don't need to wander around collecting all the data points for the software vendor to sell on to their shady data broker buddies.
Or you can do this fancy "hybrid" system where you keep the personal information on paper and keep baby Jordie's favorite color on the computer.
God help us
And Starmer wants to implement an ID card system?
Re: God help us
Don't worry, it'll be implemented by Fujitsu and Palantir, nothing can possibly go wrogn. Wronn. Worng.
Bad.
Re: God help us
"And Starmer wants to implement an ID card system?"
Of course. He and his cabinet of idiots know perfectly well that it won't do anything for tackling migration or indeed tackling any form of crime, that it will be another shit-headed technical and data fuckup, featuring a technically illiterate Civil Service, and with all the usual consultancies and IT companies profiting from failure........but that's not the point.
The point is pure and simple political theatre to rile the press and draw attention away from the EVERYTHING that government are mismanaging at the moment.
"a moral compass is not a quality often exhibited by these kinds of individuals"
Well, duh. If they had a moral compass, they'd be making an honest living instead of attempting extortion. Who the victim is just points it out more.
First they came for the faceless corporations
And they did not pay for security
Because it's cheaper to do a bit of PR
Then they came for the small businesses
And they did not pay for security
Because they went out of business and they were probably up to something anyway, right? Besides, it's not my money.
Then they came for the charities and hospitals
And we did not pay for security
Because the inmates are running the asylum
Now they've come for our kids.
How many teenagers need to ransack our institutions before we start paying what it costs to secure them?
Well...
>> Alan Woodward, computer scientist and professor at the University of Surrey, said any organization that holds sensitive data such as this must go the extra mile to secure it,
Alan Woodward should state the unpleasant truth: it is nigh on impossible for most organisations to secure such data. The costs could well be prohibitive. And even then, somebody on the inside might still be able to access it.
Computer security is a proposition. It isn't a one liner "they should secure it better".