A single compromised password has brought down KNP Logistics, a British transport firm founded in 1865, leaving over 700 people without jobs and underlining how devastating cyberattacks have become for small and medium-sized businesses across the UK.

In June, the Akira ransomware group infiltrated KNP’s internal systems by guessing an employee’s password. Once inside, the hackers encrypted the company’s essential files and demanded a ransom reportedly worth £5 million. With operations paralyzed and financial records locked, the company had no path to recovery.

The ransom note read: “If you’re reading this, it means the internal infrastructure of your company is fully or partially dead. Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.”

Paul Abbott, a director at KNP, admitted he hasn’t told the employee whose credentials were likely exploited. “Would you want to know if it was you?” he said in an interview, highlighting the emotional fallout these breaches leave behind. KNP operated under the “Knights of Old” name and had a fleet of 500 lorries. It is now permanently closed.

The company’s collapse follows a sharp rise in UK ransomware attacks, which have hit major retailers including Marks & Spencer, Co-op, and Harrods in recent months. According to the National Crime Agency, the country now sees 35–40 ransomware incidents a week, a number experts say is likely to increase. Small and medium-sized enterprises are the most common targets, with 56% of attacks this year hitting businesses with under 50 employees.

The Akira group, responsible for KNP’s collapse, has reportedly extorted over $42 million from more than 250 victims since emerging in 2023. Security analysts say over 80% of breaches are linked to weak or reused passwords. With cracking tools able to break most common passwords in under a second, authorities are urging businesses to adopt stricter defenses before it’s too late.