[ad_1]
Share
Mantas Sabeckis, senior security researcher at Cybernews, explains why childcare and education providers are increasingly targets for heartless cyber criminals…
When hackers go after hospitals, schools, or in this case, nurseries, it feels like the lowest of the low. The Kido breach has put the personal details of thousands of kids in danger. Names, photos, home addresses, even notes about safeguarding issues have been stolen.
That’s the sort of information you can’t just cancel like a credit card. Once it’s out there, it’s out for good. This is the type of data that could enable stalking, harassment, or even the targeting of families who might already be vulnerable.
This hack exposes the same problems we see again and again. Many childcare and education providers aren’t thinking like targets. They’re small to mid-sized businesses which focus on care, not tech.
IT gets outsourced “just enough” to keep systems running, but not enough to build security into the DNA of the company. Data ends up sitting on outdated servers, without strong encryption, without multifactor authentication, and usually with staff who simply aren’t trained to spot phishing emails.
Extortion – plain and simple
It’s only a matter of time before a group like Radiant finds the cracks and enters.
The hackers playing it off as a “pentest” (penetration test) is laughable. A pentest, when done legitimately, is agreed on, planned, and controlled.
What these attackers did was closer to breaking into someone’s home, taking photos of their kids’ bedrooms, and then asking the parents for cash to “prove the locks need fixing.”
It’s extortion, plain and simple. Hiding behind cybersecurity buzzwords doesn’t make it acceptable.
So what can nurseries, or really any small chain of businesses handling sensitive personal data, do better? A few basics go a long way:
-
Encrypt everything. Photos, notes, addresses, databases – it should all be locked down so stolen files aren’t instantly usable.
-
Zero trust access. Staff should only see the data they need, nothing more. No wide-open database for everyone.
-
Regular backups and response drills. If ransomware hits, you need a way back online without fuelling the crime economy.
-
Staff training. Parents trust nurseries with their children. Nurseries need to trust their employees to spot scams and follow strict security steps.
Clearly, if you’re holding information on kids, you’re a high-value target. Criminals don’t care about innocence. They care about leverage.
That means the burden is on these institutions to treat child data like gold and defend it the same way banks defend their cash vaults.
ABOUT THE AUTHOR
Mantas Sabeckis is a senior security researcher at Cybernews.
Cyber gang escalate ransom demand, leak more data from nursery chain
Related Posts
Discover more from Tech Digest
Subscribe to get the latest posts sent to your email.
[ad_2]
Chris Price
Source link