Hackers say they have deleted children's pictures and data after nursery attack backlash

Hackers who threatened to extort a nursery chain by posting petty images and data about children on the darknet have taken down the posts and claimed to have deleted the details. The criminalsbegan posted profiles of the children on their website last Thursday, bringing another ten children with them and a vow to continue until Kido Schools paid a ransom in Bitcoin. When not attempting to recover their ransom, the criminals also contacted parents by threatening phone calls. However, the public outrage surrounding their attack appears to have compelled the criminals to reconsider their plans.

They blurred the photos at first but saved the files; now they have taken all of the details offline and apologized for their conduct. Experts have skepticism about nurseries' apparent change of heart, who had previously sluggishly condemned the targeting of nurseries as a new low for cyber-criminals. This is more about pragmatism than morality, cyber-security expert Jen Ellis said. "These criminals are clearly shocked and concerned about the attention their hack has generated, and they are obviously worried about protecting themselves or their brand.

'Comfort for parents'

The hackers claim to have deleted everything they took, which included the personal information and pictures of around 8,000 children as well as contact information for parents and carers.

All child data is now being deleted. According to one of the cyber-criminals involved, no more remains, and this may have aided parents. Kido is said to have not paid the hackers a ransom, despite the fact that it was estimated to be about £600,000. Hackers have often said they deleted hacked information and were discovered to have retained it or sold it on in recent cases. When the National Crime Agency in the United Kingdom started a cybercrime group LockBite, they discovered troves of evidence on the criminal's servers that had paid to be deleted. The nursery hackers, who have dubbed themselves Radiant, seem to be worried that their hack has breached an undefined ethical threshold since the public outrage against them began. According to BBC News, the cyber-criminals said,

We're sorry for hurting children. It's unclear who the hackers or hackers are, but they seem to be a new and perhaps inexperienced group. Their darknet website is new, but they claim to have carried out other hacks in the past. This isn't the first time cyber-criminals have retaliated on an attack. After thechaos caused the death of an emergency care patient, a gang using Dopplepaymer ransomware gave a German hospital their encryption key. WhenConti hackers attacked the Irish Health Service in 2021, they also gave their antidote away for free, claiming not to have intentionally targeted hospitals. Criminals from the Darkside group made the bizarre decision to reveal evidence that they had donated some of their ill-gotten bitcointo charities months before. The nursery hackers hacked into the nursery's networks by gaining access to one of Kido's computers, which was harmed by a separate hacker. The Kido access to Radiant was sold by the initial access broker who went on to penetrate Kido's networks and steal the information. The bulk of the downloaded content, including photos of children, was taken from Kido's account with Famly, a well-known early years education website. Kido's parents were told that the attack was caused as a result of Famly being compromised, which Famley has denied. It has been repeatedly reiterated to the BBC that neither the platform's security nor infrastructure have been compromised at any time. Kido did not respond to a request for information about how the hackers obtained the information.

We recently detected and responded to a cyber attack,

a spokesperson said. We are working with consultants from outside to look into and determine what happened in more detail. "We quickly informed both our families and the relevant authorities and continue to work closely with them. Radiant claims it paid the initial access broker money for access to Kido's device. So with Kido refusing to pay and the hackers renegrating their extortion attempt, the criminals appear to have actually lost money in this cyber-attack. Sign up for our Tech Decoded newsletter to stay up to date with the world's top tech news and trends. Outside the UK? Sign up here.