Hackers exploited a weak password to infiltrate and shut down a 158-year-old UK firm, leaving 700 employees jobless and sparking fresh concerns over ransomware attacks.
A single compromised password was all hackers needed to bring down KNP, a 158-year-old Northamptonshire-based transport company, putting 700 staff out of work.
The cyberattack, attributed to the Akira ransomware gang, locked KNP out of its own systems and encrypted all data. The hackers demanded a ransom estimated at £5 million—money KNP didn’t have.
According to director Paul Abbott, the breach likely stemmed from an employee’s weak password. “Would you want to know if it was you?” he remarked, choosing not to inform the staff member.
Despite KNP’s insurance and adherence to industry standards, the company was left unable to function. The attack highlights the growing threat of ransomware, with the UK recording an estimated 19,000 such attacks in 2023 alone.
Richard Horne of the National Cyber Security Centre warned: “We need organisations to take steps to secure their systems.”
With cybercrime on the rise, experts are calling for stricter rules and reporting requirements to protect businesses and hold criminals accountable.