Two seventeen-year-old boys have been arrested by the Metropolitan Police during their investigation into a cyber theft incident against London-based nursery chain Kido.
According to the Met Police, the pair, who remain in custody for questioning, were arrested at residential addresses in Bishop’s Stortford, Hertfordshire, suspected of computer misuse and blackmail.
Orchestrators of the breach were said to have stolen photographs of around eight-thousand children, with other data including names, addresses and contact details for parents/ carers from the Kido chain.
The force said that, on September 25, it received a referral from the Action Fraud cyber crime reporting service which detailed a ransomware cyber attack.
“We understand reports of this nature can cause considerable concern, especially to those parents and carers who may be worried about the impact of such an incident on them and their families,” said Will Lyne, the Met’s Head of Economic and Cybercrime.
“These arrests are a significant step forward in our investigation,” continued Lyne, “but our work continues, alongside our partners, to ensure those responsible are brought to justice.”
The cyber attack against Kido became apparent on September 25, when hackers began posting profiles and images of some of the children on their darknet site.
Those behind the attack, who sought to extort the nursery chain for about £600,000 in Bitcoin and called themselves Radiant, have been widely condemned by cyber experts, with some dubbing the incident a “new low” in the world of online crime.
In an attempt to mount pressure on Kido to pay the ransom, the hackers called some of the parents directly to inform them of the breach, and how the stolen data would only be deleted once the ransom was settled.
Soon after, however, the hackers made the decision to blur the images, and finally, on October 2, they deleted all the stolen photos and data from their darknet site.
“No more remains and this can comfort parents,” posted the hackers, who claimed to have now deleted the eight-thousand child-related files.
While the motive remains unclear, cyber experts have theorized that it may have been due to the hackers having concerns about their reputation within the hacking group community.
“We welcome this swift action from the Met Police and recognise this is an important milestone in the process of bringing those responsible to justice,” a Kido spokesperson said.
“We have cooperated throughout this process with law enforcement and the relevant authorities,” they went on. “We remain committed to supporting police and, ultimately, families, colleagues, and the wider Kido community.”
Shield your priceless data with our roster of trusted cyber security solutions, such as the Award-Winning TotaleAV antivirus, equipped with innovative tools including real-time scans to identify, block and remove the very latest threats.
