Two people have been arrested after cyberhackers stole information about thousands of children from a nursery chain.
Two men aged 17 and 22 were arrested in Bishop’s Stortford, Hertfordshire, on suspicion of computer misuse and blackmail, the Metropolitan Police said.
They remain in custody for questioning, the force said.
Cyberhackers were said to be using pictures and the names of about 8,000 children from the Kido nursery chain, to demand ransom money.
The BBC, which first reported the story, said it had been contacted by the hackers, who appear to be called Radiant, and have published some stolen data including pictures and profiles of 10 children to their darknet website.
Information about the children’s parents, carers and safeguarding notes could be in the hands of the hackers after the ransomware attack, it is feared.
Will Lyne of the Met said: “Since these attacks took place, specialist Met investigators have been working at pace to identify those responsible.
“We understand reports of this nature can cause considerable concern, especially to those parents and carers who may be worried about the impact of such an incident on them and their families.
“We want to reassure the community and anyone affected that this matter continues to be taken extremely seriously.
“These arrests are a significant step forward in our investigation, but our work continues, alongside our partners, to ensure those responsible are brought to justice.”
BBC News said it had challenged the hackers over using children’s data to extort from a nursery, and were told by the criminals that they “weren’t asking for an enormous amount” and they “deserve some compensation for our pentest”.
A “pentest”, or penetration test, is the term for when ethical hackers are hired to assess the security of an organisation in a controlled and professional way.
