Alleged hackers who attempted to extort a nursery chain by posting stolen images and data about children on the darknet reportedly have removed the posts and claim to have deleted the information.
The criminals began posting profiles of the children to their website last 25 September, adding another 10 children days later and vowing to continue until Kido Schools paid a ransom in Bitcoin.
The criminals also contacted parents directly with threatening phone calls whilst trying to get their ransom paid.
But public revulsion at their attack appears to have forced the criminals to backtrack.
First they blurred the images but kept the data up - now they have taken all the information offline, and apologised for their actions.
Their apparent change of heart has been met with scepticism by experts, who had previously condemned the targeting of nurseries as a "new low" for cyber-criminals.
"This is more about pragmatism than morality," said cyber-security expert Jen Ellis.
"These criminals are clearly shocked and worried by the attention their hack has caused and they are trying to protect themselves or their brand."
The hackers claim to have deleted everything they took - which included the private details and pictures of around 8,000 children as well as contact information for parents and carers.
It's understood Kido have not paid the hackers a ransom which was thought to be around £600,000.
Past cases have shown that hackers often say they have deleted stolen data and been found to have kept it or sold it on.
When the UK's National Crime Agency took down the cyber crime gang LockBit they discovered troves of data still on the criminal's servers that victims had paid to be deleted.
The nursery hackers, calling themselves Radiant, appear to be concerned that their hack has crossed an undefined moral line since the public outcry began against them.
"We are sorry for hurting kids," the cyber-criminals told BBC News.
It's not known who the hackers or hacker are but they appear to be a new and possibly inexperienced group.
Their darknet site is newly created but they claim to have carried out other hacks in the past.
This isn't the first time that cyber-criminals have backtracked on an attack.
In 2020 a gang using Dopplepaymer ransomware gifted their encryption key to a German hospital after the chaos contributed to the death of an emergency care patient.
No comments:
Post a Comment