A 158-year-old UK transport company, KNP Logistics, has collapsed after falling victim to a ransomware attack allegedly carried out by the notorious Akira gang, resulting in 700 job losses and complete data loss. Despite maintaining cyber-attack insurance and following industry IT protocols, the company could not recover from the breach.
Hackers Exploited Weak Passwords to Breach Systems
The breach reportedly began when hackers guessed an employee’s password and accessed the internal network, encrypting sensitive business data and locking out staff from critical systems. KNP Logistics, which operates around 500 lorries under the Knights of Old brand, was left paralysed.
Company director Paul Abbott acknowledged that a single compromised password was at the heart of the breach, though the specific employee has not been informed. Once inside, the attackers deployed ransomware that encrypted all data and issued a chilling ransom note:
“If you’re reading this, it means the internal infrastructure of your company is fully or partially dead… Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.”
While the ransom amount was not specified, cybersecurity experts estimate it could have been around ₹54 crore (£5 million). KNP, unable to meet the demand, suffered irreversible losses that led to its closure.
Surge in Ransomware Threats Across the UK
The incident highlights growing concerns about ransomware attacks across the UK. Prominent brands such as Marks & Spencer (M&S), Co-op, and Harrods have also been targeted. In Co-op’s case, data belonging to 6.5 million members was compromised.
Richard Horne, CEO of the National Cyber Security Centre (NCSC), stressed the need for stronger cybersecurity practices. “We need organisations to take steps to secure their systems, to secure their businesses,” he stated.
Experts from NCSC and the National Crime Agency (NCA) report a troubling rise in incidents. Suzanne Grimmer, head of the NCA’s cyber team, revealed that ransomware incidents have nearly doubled to 35–40 per week, warning that 2025 may become the worst year on record for such attacks.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Grimmer also noted the growing accessibility of hacking tools and techniques, especially social engineering, including fake IT helpdesk calls that trick employees into granting access.
Cybersecurity officials like “Jake” (alias), who work night shifts to intercept attacks, say the scale of activity has increased dramatically:
“You understand the scale of what’s going on, and you want to reduce the harm. It can be thrilling, especially if we’re successful.”
