a black and white cat laying on top of a white wall

Cyber Security Breaches Survey: Education Institutions Annex

Cyber-attack on a Chain of Nurseries in London

Two 17-year-old boys were arrested by police investigating a cyber-attack on a chain of nurseries in London. The cyber attack on Kido’s nurseries was first brought to the BBC’s attention on 22 September, when hackers calling themselves Radiant attempted to gain publicity for a data theft as part of their efforts to extort the nursery chain for around £600,000 in Bitcoin.

The BBC did not report on the breach until the hackers began posting images and profiles of some of the children on their darknet site on 25 September — a move cyber experts described as a “new low” in cybercrime.

The stolen data included names, addresses and pictures of children, along with contact details for parents and carers.

The hackers reportedly contacted parents directly to pressure Kido into paying the ransom to have the data deleted. More children’s profiles were later added, bringing the total to 20.

In an unusual move, the hackers blurred the images after expressing concern about their reputation within other hacking groups.

On 2 October, they removed all the stolen data and pictures from their darknet site and claimed to have deleted all 8,000 children’s files, saying: “No more remains and this can comfort parents.”

A spokesperson for Kido said: “We welcomed this swift action from the Met Police and recognised it as an important milestone in the process of bringing those responsible to justice.

Additional Resources

To learn more about Data Protection, consult the Handsam Quick Guides by using the Topic Tag DATA PROTECTION. Handsam also offers a range of Data Protection policies, and you can reach out to us at 03332 07037 or email info@handsam.co.uk for further details or pricing.

The Cyber Security Breaches Survey is a key research study supporting the UK’s cyber resilience and the goals of the National Cyber Strategy. Its findings help shape government policy on cyber security, with the aim of making the UK’s digital environment a safer place to do business.

The survey examines how businesses, charities, and educational institutions manage cyber security — including their policies, processes, and overall approach. It also analyses the types of cyber attacks and cyber crimes these organisations experience, the impact of such incidents, and how they respond

Prevalence and Impact of Cyber Security Breaches and Attacks

  • Primary schools reported levels of cyber breaches or attacks similar to the average UK business, with 52% identifying at least one incident in the past year;

  • All other types of educational institutions were more likely than the average UK business to experience cyber security breaches or attacks;

  • 71% of secondary schools identified a breach or attack within the last 12 months;

  • Further education (FE) and higher education (HE) institutions experienced breaches and attacks more frequently than schools, and across a wider range of attack types, including impersonation attempts, malware infections, and unauthorised network or file access;

  • 86% of FE colleges and 97% of HE institutions reported experiencing a breach or attack in the past year; and

  • Almost six in ten HE institutions said they had been negatively impacted by a cyber incident.

Engagement with Cyber Security

Education institutions generally demonstrated greater senior-level engagement with cyber security than the average UK business, comparable to that seen in large enterprises.

However, awareness of government guidance—such as the National Cyber Security Centre’s (NCSC) 10 Steps to Cyber Security, Board Toolkit, certification schemes like Cyber Essentials, and campaigns such as Cyber Aware—was lower among primary and secondary schools this year.

Awareness and adoption of these initiatives were much higher in FE colleges and HE institutions.

Approaches to Cyber Security

Across the sector, educational institutions showed stronger preparedness and planning for cyber security than the average UK business, with approaches more closely resembling those of large organisations.

Most had an established cyber security policy, particularly in FE colleges and HE institutions, where such policies were most prevalent.

The majority had taken active steps in the past 12 months to identify and manage cyber risks, such as conducting formal risk assessments.

Primary schools tended to have less sophisticated cyber risk management processes compared with secondary schools, colleges, and universities.

All types of educational institutions were more likely than the average business to have implemented technical controls across the five key areas covered by the Cyber Essentials framework.

a person wearing a mask using a laptop
a person wearing a mask using a laptop

Office 27, East Moons Moat Business Centre

Oxleasow Rd, Redditch B98 0RE

Phone: 0333 207 0737

info@handsam.co.uk