Following recent news in the media that the ‘Kido’ nursery group’s data has been breached and held to ransom, we’ve had a number of concerned customers and parents reach out to us about our own data security.

The Kido group has confirmed they use another software provider, and as such this breach has no impact whatsoever on Blossom’s user data.

As always, your data with Blossom is safe and secure. Below, we detail how this is always the case.

How Blossom keeps your data secure

When your Blossom data is stored or in transit, it’s encrypted with 256-bit encryption. This is considered virtually uncrackable by brute-force attacks using current computer systems. We also use AWS (Amazon Web Services) cloud servers for our data, as their tools allow us to continually ensure security over financial information along with the five Trust Services Criteria.

The benefits of using cloud servers include automatic patching, updates and infrastructure hardening, so security updates are delivered as soon as they’re available. They also have redundancy, failover and disaster recovery built in – increasing resilience to both outages and attacks. At Blossom we do system backups twice a day, and data is only ever stored in Europe.

We don’t have a public API, so your data is only ever shared with accredited third parties such as Stripe, or on your Blossom platform. This hugely reduces our attack surface, meaning we have no additional vulnerabilities or data exposure that can benefit hackers.

Our development teams are ISO certified for data compliance, particularly ISO 27001, which is a standard for protecting data through a systematic approach to data management.

In short, we’re doing everything we can to keep your children’s and parents’ data safe. But there are also steps you can take to reduce your exposure to a data breach.

How to protect your data

Restrict access

It starts with thinking carefully about who you allow to access your data. In the same way you wouldn’t share your phone PIN with anyone you didn’t trust, you shouldn’t let anyone in your setting access data they don’t need.

This is called ‘least privilege’, and can be controlled through Blossom’s role permissions and device access, including room-specific restrictions. You should also periodically review and revoke unused accounts.

Staff training

Staff training on awareness of phishing attempts is paramount, as not every phishing attempt reads like a scam, full of spelling errors and other obvious giveaways. With the rise of AI, phishing attempts can also include voice imitation of someone close to you. Blossom staff will never ask for your platform password, either by phone or email.

Device security

Ensure all devices you use to access Blossom (or any data you want to keep safe) have up-to-date software, use network security like firewalls, and aren’t used for anything ‘risky’ like unrestricted web browsing or unchecked downloads.

You should also lock and secure portable devices with screen locks, auto locks, device PINs and timeout features. Blossom features a timeout so users cannot stay logged in indefinitely, reducing risk.

Our platform also tells you if you’re using a weak or strong password, and you should always use the strongest password you can. It might be harder to remember, but as soon as you choose convenience over security, that security is weakened.

Breach response and procedures

Define the steps you and users should take if a device that accesses Blossom is lost or stolen, including who to contact, how to change credentials remotely, and how to audit login attempts. While it can be scary, make sure anyone who suffers this loss or theft is unafraid to report it, as the longer they take to report it, the greater the risk of breach.

Maintain clear data protection policies and review them regularly, such as once a year. You should also assign responsibilities such as a data protection lead, log monitor, first point of contact etc.

If you’re not sure where to start with any of these, there are some free resources below which you can use to up your security and prepare for future threats:

Written by
Stuart Thomas

Stuart's been writing content for more than a decade, always driving to find the right answer to your questions and make them easy to understand.
