A cyberattack on KNP Logistics has forced the closure of the 158‑year‑old UK transport company, leaving approximately 700 staff without jobs. The breach, reportedly traced to the notorious Akira ransomware gang, stemmed from a single weak password, which hackers used to infiltrate systems, encrypt data, and effectively shut down operations.
KNP Logistics Group, trading under the historic Knights of Old brand, operated a fleet of around 500 lorries and employed over 900 people across multiple depots. Despite standard cybersecurity measures and insurance in place, KNP could not recover from the cyberattack.
The attackers accessed the KNP Logistics network by guessing an employee’s password, exploiting weak credentials and a lack of multi-factor authentication. A ransom note left by the Akira ransomware gang ominously stated:
“If you’re reading this, it means the internal infrastructure of your company is fully or partially dead…Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.” Although note did not name a specific ransom, cybersecurity negotiators estimated a demand of up to £5 million. Unable to meet these terms, KNP accepted total data loss and entered administration in September 2023, leading to 730 redundancies, with only 170 jobs preserved through a sale of Nelson Distribution, reported the BBC.
KNP’s former co-owner, Paul Abbott, later revealed that the breach began with a brute-force attack against a single weak password. He noted that although the company had taken precautions like cybersecurity insurance, the lack of multi-factor authentication left them vulnerable. Even though they had backups and alternative workflows, the attackers destroyed critical financial records, preventing KNP from securing bridging loans or undergoing a viable sale.
The KNP Logistics cyberattack is part of a troubling surge in high-profile cyber incidents across the UK in 2025. Notable cases include:
These incidents have caused service disruptions, supply chain breakdowns, and compromised customer data, highlighting systemic vulnerabilities. The UK’s National Cyber Security Centre (NCSC) has made multiple advisories urging businesses, large and small, to upgrade defenses.
Despite having a £1 million cyber insurance policy, KNP was unable to recover, revealing the limitations of relying solely on insurance for cyber resilience. The company’s compromised backups further exposed flaws in its recovery planning.
Additionally, the lack of early visibility and transparency during the crisis reflects a broader issue, as many ransomware incidents go unreported. In response, the NCSC advises better cybersecurity measures, including network segmentation, regular patching, user education, and enhanced monitoring.
The collapse of this 158-year-old firm demonstrates that even long-standing enterprises can be brought down by basic security failures, and that proactive, layered defenses are now essential for survival.
CVE-2024-37079 in VMware vCenter Server allows remote code execution. Exploitation is active, patch affected systems urgently.
According to Dufresne, this proactive approach can help organizations innovate responsibly, reduce risks, build for the future, and earn public…
Nike confirmed it is investigating a potential Nike cyberattack after a cybercrime group claimed it leaked 1.4TB of internal company…
The Commission is also empowered to adopt a non-compliance decision or accept commitments from X to remedy the issues under…
Data privacy is not a checkbox; it is a continuous state of being.
Microsoft has released an emergency fix for an actively-exploited zero-day vulnerability affecting Microsoft Office. The vulnerability, CVE-2026-21509, is labeled a…
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More