According to BBC, a single weak password is believed to have ended a 158-year-old UK transport company.
KNP, based in Northamptonshire, collapsed after falling victim to a ransomware attack. The breach left 700 people without jobs.
The hackers, linked to the ransomware gang Akira, got in by guessing an employee’s password, according to a BBC report. Once inside, they locked the company out of its systems and demanded a ransom. KNP couldn’t pay.
A ransom note left by the gang read, “If you’re reading this it means the internal infrastructure of your company is fully or partially dead… Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.”
No ransom figure was given, but cyber experts estimated the demand could have been as high as £5 million.
KNP was operating around 500 trucks under the “Knights of Old” brand when it was hit in 2023. Despite having cyber insurance and meeting industry standards, the attack proved too much.
Company director Paul Abbott told the BBC he hadn’t told the employee whose password was likely compromised. “Would you want to know if it was you?” he said.
Additionally, Richard Horne, CEO of the National Cyber Security Centre, stressed the need for businesses to secure their systems. “We need organisations to take steps to secure their systems, to secure their businesses,” he told the BBC’s Panorama, which was given access to the team tackling these international threats.
KNP joins a growing list of UK firms hit by cyberattacks. In recent months, companies like M&S, Co-op, and Harrods have also seen data breaches. Co-op confirmed all 6.5 million of its members had their data stolen.
