The names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals.

The criminals have demanded a ransom from the company – which has 18 sites around London, with more in the US, India and China – according to the BBC.

The hackers have claimed they also possess information about the children’s parents and carers, as well as safeguarding notes, and have contacted some by phone as part of their extortion tactics.

Kido was contacted for comment. The company has yet to confirm the hackers’ claims. The company has not released a public statement nor confirmed the hackers’ claims.

An employee at one of the nurseries told the BBC they had been notified of a data breach.

The Metropolitan police said they had received a referral on Thursday “following reports of a ransomware attack on a London-based organisation”. They added: “Enquiries are ongoing and remain in the early stages within the Met’s cyber crime unit. No arrests have been made.”

A spokesperson from the Information Commissioner’s Office said: “Kido International has reported an incident to us and we are assessing the information provided.”

A number of companies have been subjected to cyber-attacks in recent months. The Co-op said it had fallen into the red after it suffered an £80m hit to profits as a result of an attempted hack in April.

skip past newsletter promotion

Our morning email breaks down the key stories of the day, telling you what’s happening and why it matters

Privacy Notice: Newsletters may contain information about charities, online ads, and content funded by outside parties. If you do not have an account, we will create a guest account for you on theguardian.com to send you this newsletter. You can complete full registration at any time. For more information about how we use your data see our Privacy Policy. We use Google reCaptcha to protect our website and the Google Privacy Policy and Terms of Service apply.

JLR, the maker of Jaguar and Land Rover cars, has not been able to assemble cars since the start of the month after cyber-attackers penetrated its computer systems.

The company was forced to shut down most of the computer systems it uses to track parts, vehicles and tooling in its factories, as well as everything to do with selling its luxury Range Rover, Discovery and Defender SUVs.

The company has restarted a limited number of computer systems.