A recent cyberattack on the Kido nursery chain in London has highlighted a disturbing trend: cybercriminals are increasingly targeting early years settings.
According to the BBC, Hackers, identified as the “Radiant” group, breached Kido’s systems, stealing personal data of approximately 8,000 children and their families. They released sensitive information, including names, photos, home addresses, and family contact details, and threatened to publish more unless a ransom was paid. While the risk of physical harm was low, the incident underscores the vulnerability of early years and primary education settings to cybercrime.
Key Statistics on Cybersecurity in Education
In June 2025, the Department for Science, Innovation and Technology published the Cyber Security Breaches Survey 2025: Education Institutions Findings. The survey highlights the prevalence and nature of cyber threats facing schools and nurseries, revealing some concerning trends for the sector.
– Phishing Attacks: 89% of primary schools and 89% of secondary schools reported phishing incidents.
– Impersonation: 68% of further and higher education institutions experienced impersonation attacks, compared to 32% of primary schools.
– Viruses, Spyware, or Malware: 42% of further and higher education institutions reported such attacks, whereas only 9% of primary schools were affected.
– Denial of Service Attacks: 36% of further and higher education institutions experienced these attacks, compared to just 2% of primary schools.
Why Are Schools and Nurseries Targeted?
Educational institutions are increasingly attractive targets for cybercriminals due to several factors:
– Sensitive Data: Schools and nurseries hold a wealth of personal information about children and staff, making them valuable targets.
– Limited Resources: Many institutions lack the necessary resources and expertise to implement robust cybersecurity measures.
– Increased Digitalisation: The growing reliance on digital platforms for administration and communication has expanded the potential attack surface.
Steps to Enhance Cybersecurity in Schools and Nurseries
To mitigate the risk of cyberattacks, educational institutions should consider the following measures:
– Regular Training: Conduct regular cybersecurity training for staff to recognise and respond to potential threats.
– Implement Strong Access Controls: Ensure that sensitive data is accessible only to authorised personnel.
– Regular Software Updates: Keep all systems and software up to date to protect against known vulnerabilities.
– Data Encryption: Encrypt sensitive data both in transit and at rest to protect it from unauthorised access.
– Incident Response Plan: Develop and maintain an incident response plan to quickly address and mitigate the impact of any cyberattacks.
The recent cyberattack on Kido nurseries serves as a stark reminder of the growing cybersecurity threats facing educational institutions. With the increasing prevalence of cyberattacks, it’s imperative for schools and nurseries to prioritise cybersecurity to protect the sensitive data of children and staff.
At Advantex, we work with schools and Multi Academy Trusts to implement tailored IT and cybersecurity solutions, helping protect your most valuable data and ensuring peace of mind for staff, students, and parents.
Protect your school today. Contact our team. of Education specialists to discuss how we can secure your IT systems and strengthen your cybersecurity.
