As of recently, September 2025, there has been a data breach of a well-known nursery franchise who provide their care services around the world.
Just when you thought hacking news could it not get any worse, the BBC are reporting that the hackers have stolen around 8.000 sensitive pieces of data about children who attend the care centre.
The group are calling themselves, Radiant.
Who’s Radiant?
Radiant has admitted that they have access to Kido safeguarding notes, as well as sensitive medical information and to prove they are in possession of the stolen data they have posted samples of:
Images of children
Names
Addresses
Dates of Birth
Parent and carer details
Prevention is the best Cure
We always believe that prevention is the best cure, so we have outlined a few tips to help within the children’s care sector.
The use approved systems only: Store sensitive data exclusively within authorised platforms (e.g. Access, ClearCare, or other secure case management systems).
Avoid local storage: Never save sensitive files directly onto desktops, laptops, or removable drives.
Handle email securely: Upload any received data promptly into the approved system, and do not leave it sitting in email inboxes.
Encrypt sensitive information: Always use encryption for emails and attachments containing personal or safeguarding data, especially when sending outside the organisation.
Restrict access: Ensure only authorised staff with a genuine need can access sensitive files.
Maintain staff vigilance: Train staff to spot phishing attempts and malicious links, and remind them never to share login credentials with anyone.
Regular audits: Periodically review data handling practices and supplier security measures to confirm robust protections are in place.
You may find yourself reading this not knowing that a breach is just around the corner, so what do you do when breach actually happens?
BREACH: What now?
In the UK, if a data breach occurs, organisations must act quickly. The first steps are to contain the breach, assess what information was affected, and keep a record of events.
If the breach risks people’s data and safety, it must be reported to the Information Commissioner’s Office (ICO) within 72 hours, and affected individuals may also need to be informed.
Beyond compliance, reviewing what went wrong and strengthening staff training, policies, and security systems is essential to prevent future incidents.
If you need some healthy advice on securing your current systems, speak to a Care Sector IT expert at Qline IT today.
