368/68 Friday, September 26, 2025
KNP Logistics Group (formerly Knights of Old), a historic UK transport company with a legacy of over 158 years, was forced to shut down in June 2025 after falling victim to the Akira ransomware gang. The attackers gained access to the company’s systems through a single weak employee password, without the need for phishing or any sophisticated techniques. Once inside, the hackers deployed ransomware that encrypted the company’s entire infrastructure, deleted backups, and demanded a ransom of £5 million, which the company was unable to pay.
Despite having IT standards and cyber insurance in place, KNP was unable to contain the damage. Operations ground to a halt, more than 500 trucks were taken off the road, and business data became completely inaccessible. A critical incident response team assessed the situation as the worst-case scenario for an organization. Within weeks, the company entered insolvency proceedings, leaving over 700 employees jobless.
The KNP case highlights the persistent global issue of password security, which remains a major vulnerability. Research from Kaspersky shows that nearly half of leaked passwords can be cracked in under a minute. Without the protection of multi-factor authentication (MFA), even the smallest weakness can escalate into an organizational crisis. Experts recommend that companies enforce strong password policies, regularly check passwords against leaked credential databases, enable MFA, adopt Zero Trust security models, and rigorously test backup systems to prevent a repeat of such devastating incidents.
Source https://thehackernews.com/2025/09/how-one-bad-password-ended-158-year-old.html
