Getting pwned has its costs. Which is why one should do everything possible not to get pwned.
Too bad KNP which is a transport company in the UK didn’t follow that advice. Because one weak password allowed hackers to not only pwn them, but put this 158 year old company out of business:
KNP director Paul Abbott says he hasn’t told the employee that their compromised password most likely led to the destruction of the company.
“Would you want to know if it was you?” he asks.
And:
In 2023, KNP was running 500 lorries – most under the brand name Knights of Old.
The company said its IT complied with industry standards and it had taken out insurance against cyber-attack.
But a gang of hackers, known as Akira, got into the system leaving staff unable to access any of the data needed to run the business. The only way to get the data back, said the hackers, was to pay.
“If you’re reading this it means the internal infrastructure of your company is fully or partially dead…Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue,” read the ransom note.
The hackers didn’t name a price, but a specialist ransomware negotiation firm estimated the sum could be as much as £5m. KNP didn’t have that kind of money. In the end all the data was lost, and the company went under.
Darren James, a Senior Product Manager at Specops Software had this to say:
“While high-profile cases make headlines, over 19,000 ransomware attacks hit UK businesses last year, many going unnoticed except by those directly impacted. A common cause? Weak, reused, or already breached passwords.”
“Stronger password policies, continuous breached password scanning, secure self-service resets, and proper service desk verification are simple, cost-effective measures that can dramatically reduce risk. In today’s cyber threat landscape, your first line of defense is still one of the most critical.”
Consider this example a warning to get your house in order. Because it doesn’t take much for a bad actor to kill your company.
Like this:
Like Loading...
Related
This entry was posted on July 22, 2025 at 11:26 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
A Weak Password Tanks 158 Year Old Company
Getting pwned has its costs. Which is why one should do everything possible not to get pwned.
Too bad KNP which is a transport company in the UK didn’t follow that advice. Because one weak password allowed hackers to not only pwn them, but put this 158 year old company out of business:
KNP director Paul Abbott says he hasn’t told the employee that their compromised password most likely led to the destruction of the company.
“Would you want to know if it was you?” he asks.
And:
In 2023, KNP was running 500 lorries – most under the brand name Knights of Old.
The company said its IT complied with industry standards and it had taken out insurance against cyber-attack.
But a gang of hackers, known as Akira, got into the system leaving staff unable to access any of the data needed to run the business. The only way to get the data back, said the hackers, was to pay.
“If you’re reading this it means the internal infrastructure of your company is fully or partially dead…Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue,” read the ransom note.
The hackers didn’t name a price, but a specialist ransomware negotiation firm estimated the sum could be as much as £5m. KNP didn’t have that kind of money. In the end all the data was lost, and the company went under.
Darren James, a Senior Product Manager at Specops Software had this to say:
“While high-profile cases make headlines, over 19,000 ransomware attacks hit UK businesses last year, many going unnoticed except by those directly impacted. A common cause? Weak, reused, or already breached passwords.”
“Stronger password policies, continuous breached password scanning, secure self-service resets, and proper service desk verification are simple, cost-effective measures that can dramatically reduce risk. In today’s cyber threat landscape, your first line of defense is still one of the most critical.”
Consider this example a warning to get your house in order. Because it doesn’t take much for a bad actor to kill your company.
Share this:
Like this:
Related
This entry was posted on July 22, 2025 at 11:26 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.