When Hackers Target Nurseries: Why Cybersecurity in Education Cannot Be an Afterthought
The news that hackers have stolen and published sensitive data from the Kido nursery chain is nothing short of shocking.
Criminals calling themselves Radiant broke into Kido’s systems, accessed through a third-party software service, and posted private information online, including nursery photos, dates of birth, addresses, and parent contact details of young children. Even more disturbingly, some parents reported receiving threatening phone calls from the hackers, pressuring them to convince the nursery to pay a ransom.
This is not just a cyberattack. It is an attack on the safety, privacy, and wellbeing of children and families.
Why this matters
Education has always been a high-trust sector. Parents and staff expect that the information schools and nurseries hold will be kept confidential and safeguarded. Yet the reality is that many providers lack the budget, infrastructure, or expertise to protect themselves against increasingly sophisticated cybercriminals.
This case highlights several urgent truths:
Children’s data is highly sensitive and therefore highly valuable to criminals.
Schools and nurseries are vulnerable targets, often relying on third-party platforms without full visibility into security risks.
Cyberattacks are evolving. In this case, criminals even called parents directly, a cruel escalation designed to apply maximum pressure.
It’s a brutal reminder that cybersecurity in education cannot be an afterthought.
The role of EdTech in protecting schools
At an event just last night, I spoke with someone developing a cybersecurity solution specifically for education settings. This kind of innovation is exactly what’s needed.
There is a huge opportunity, and responsibility, for EdTech companies to step up in three key ways:
Specialist security solutions: Education environments have unique challenges and risks that require tailored defences.
Training and awareness: Teachers, leaders, and parents need support to understand threats and best practice.
Trust and reassurance: Suppliers who can demonstrate robust, transparent data protection will be trusted partners in a nervous sector.
Moving forward
This incident is appalling, but it may also serve as a wake-up call. If schools, nurseries, and their suppliers do not invest in robust cybersecurity, the consequences are simply too severe to ignore.
For EdTech businesses, the opportunity is clear: those who can offer reliable, education-focused cybersecurity will not only find a receptive market, they’ll also play a vital role in protecting children, families, and staff.
Because at the end of the day, safeguarding doesn’t stop at the classroom door. It extends to every piece of data schools hold. And in today’s world, protecting that data is as important as protecting the pupils themselves.