The Small Business Cyber Security Guy | UK Cybersecurity for SMB & Startups
  • 4 DAYS AGO
  • 18 MIN

Your 3-Year-Old's Data Is on the Dark Web Right Now: The Kido Wake-Up Call

The Small Business Cyber Security Guy | UK Cybersecurity for SMB & Startups

In 40 years of Information Technology work, Noel Bradford has never been this angry. On September 25th, 2025, the Radiant ransomware gang stole personal data from 8,000 children at Kido International nurseries, posted their photos and medical records online, and then started calling parents at home to demand ransom payments. This isn't just another data breach. This is the moment cybercrime lost whatever soul it had left.

In this raw, unfiltered episode, Noel breaks down exactly what happened, why the security failures that enabled this attack exist in thousands of UK small businesses right now, and what you need to do immediately to protect your organisation from becoming the NEXT headline.

WARNING: This episode contains strong language and discusses disturbing tactics used by cybercriminals. Parental guidance advised.

What You'll Learn

  • The complete timeline of the Kido ransomware attack and how it unfolded
  • Why hackers spent weeks inside the network before striking
  • The new escalation tactic of directly contacting victims' families
  • Five critical security failures that allowed 8,000 children's records to be stolen
  • Why "we're too small to be targeted" is the most dangerous lie in business
  • The regulatory consequences Kido faces under UK GDPR
  • Immediate action steps every small business must take NOW
  • Why does this attack signal a fundamental shift in cybercrime tactics
Key Takeaways The Five Critical Failures
  1. Initial Access Was Preventable - Likely phishing, weak passwords, or unpatched vulnerabilities
  2. No Monitoring - Weeks of dwell time with zero detection
  3. No Network Segmentation - Hackers accessed everything once inside
  4. No Data Loss Prevention - 8,000 records exfiltrated without triggering alarms
  5. Inadequate Backups - No mention of restoration from clean backups
New Threat Landscape Reality
  • Ransomware gangs now directly contact victims' families
  • Children's data is being weaponised for psychological pressure
  • Moral boundaries in cybercrime have completely dissolved
  • Attack tactics proven successful will be replicated by other groups
Business Impact Statistics
  • 43% of UK businesses suffered a breach in the past year
  • Nearly 50% of primary schools reported cyber incidents
  • 60% of secondary schools experienced attacks
  • The education sector is particularly vulnerable
Featured Experts & Sources

Government & Law Enforcement:

  • Metropolitan Police Cyber Crime Unit
  • Information Commissioner's Office (ICO)
  • Jonathon Ellison, Director for National Resilience, National Cyber Security Centre

Cybersecurity Experts:

  • Rebecca Moody, Head of Data Research, Comparitech
  • Anne Cutler, Cybersecurity Expert, Keeper Security
  • Mantas Sabeckis, Infosecurity Researcher, Cybernews

Direct Victims:

  • Stephen Gilbert, Parent with two children at Kido nursery

Threat Actors:

  • Radiant Ransomware Gang (claims to be Russia-based)
Immediate Action Checklist Do These TODAY:
  • Enable multi-factor authentication on ALL business accounts
  • Check that all software is updated to the latest versions
  • Review who has access to sensitive data
  • Verify backups exist and are stored offline
  • Schedule staff phishing awareness training
Do These This Week:
  • Audit your network segmentation
  • Implement monitoring and alerting systems
  • Review password policies across the organisation
  • Create an incident response plan
  • Assess cyber insurance coverage
Do These This Month:
  • Conduct a full security audit
  • Test backup restoration procedures
  • Implement data loss prevention tools
  • Review vendor and third-party security
  • Schedule penetration testing
Resources Mentioned Government Resources
  • National Cyber Security Centre: https://www.ncsc.gov.uk/
  • Information Commissioner's Office: https://ico.org.uk/
  • Met Police Cyber Crime Unit: https://www.met.police.uk/advice/advice-and-information/fa/fraud/online-fraud/cyber-crime/
  • UK Cyber Security Breaches Survey: https://www.gov.uk/government/collections/cyber-security-breaches-survey
Cybersecurity Companies
  • Comparitech: https://www.comparitech.com/
  • Keeper Security: https://www.keepersecurity.com/
  • Cybernews: https://cybernews.com/
Legal & Compliance
  • UK GDPR Guidance: https://ico.org.uk/for-organisations/guide-to-data-protection/
  • Children's Data Protection: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/children-and-the-uk-gdpr/
Episode Quotes

"What happened to Kido International this week represents the absolute lowest point I've witnessed in 40 years of cybersecurity."

"These hackers didn't just encrypt some files and demand payment. They actively posted samples of children's profiles online. Then they started ringing parents directly."

"You're not special. You're not too small. You're not immune. You're just next on the list unless you take action."

"The hackers claim they 'deserve some compensation for our pentest.' Let that sink in. They're calling this a penetration test."

"A child's photo, name, and home address in criminal hands. This data doesn't expire. It doesn't get less valuable. It just sits there, a permanent risk to these families."

"None of these failures are unique to nurseries or large organizations. I see the same problems in small businesses every single week."

"You're making the same mistakes that led to 8,000 children's data being posted on the dark web. The only difference is scale."

Discussion Questions

  1. How would you respond if your business were to experience a similar attack?
  2. What security measures do you currently have in place?
  3. Do you know where your most sensitive data is stored and who can access it?
  4. When was the last time you tested your backup restoration?
  5. How would you handle direct contact from threat actors?
Connect With Noel Bradford
  • Website: The Small Business Cyber Security Guy
  • Email: hello@thesmallbusinesscybersecurityguy.co.uk
  • LinkedIn: Noel Bradford

Need Help With Your Cybersecurity? Equate Group

Support The Podcast

If this episode made you think differently about cybersecurity, please:

  • ⭐ Leave a 5-star review on Apple Podcasts
  • 📢 Share this episode with other business owners
  • 📧 Subscribe to get every new episode
  • 💬 Join the conversation on social media using #KidoHack

Legal Disclaimer

The information provided in this podcast is for educational and informational purposes only. It does not constitute legal, financial, or professional cybersecurity advice. Always consult with qualified professionals regarding your specific situation. Opinions expressed are those of the host and do not necessarily reflect the views of any organisations mentioned.

Transcript

Full episode transcript available at: TBC

Episode Tags

#Cybersecurity #Ransomware #DataBreach #SmallBusiness #KidoHack #UKBusiness #CyberCrime #DataProtection #GDPR #InformationSecurity #CyberAwareness #ThreatIntelligence #BusinessSecurity #RansomwareAttack #ChildSafety

© 2025 The Small Business Cyber Security Guy Podcast. All rights reserved.

Episode Webpage

Information