In 2023, transport company in Northampton, Knights of Old (also known as KNP), was flourishing with 500 lorries operating every day. Now, the 158-year-old company has folded, resulting in 700 job losses, all because of a correctly guessed employee password.
The case has become a prime example of poor cyber security consequences, with BBC Panorama reporting on how the hackers gained entry, the extent of the ransom, and financial losses forcing the closure of company headquarters. Knights of Old’s security breach led to 730 redundancies, as well as two years of legal action surrounding back pay, and a sale of the Kettering premises.
According to the government’s cyber security breach report for 2025, there were 19,000 ransomware attacks on businesses in the UK last year. Ransom demands are on average £4million, which is an impossible or severely crippling cost for most companies. The incident at Knights of Old demonstrates the importance of companies to increase their cyber security and cyber hygiene, as well as the importance of effective cyber insurance.
The Incident
June 2023, Knights of Old staff members were suddenly locked out of the company IT system. They were unable to access administrative systems, finances or take customer payments, so therefore had to inform all their lorry drivers on the road to turn around.
A notorious hacking group, Akira, hacked the computer systems by guessing the password of an employee. The hackers then encrypted the company’s data and sent a ransom note demanding payment of as much as £5million.
The Investigation
Knights of Old then contacted their insurer who orchestrated a crisis team to get involved. They confirmed that all the systems were locked and the hackers had destroyed any backup data or recovery systems.
Akira is a cyber criminal group well-known among circles of cyber crisis experts. Akira has conducted a great many of these attacks, with 20 known to have been dealt with. Each time their cyber hack is so detrimental, that the only solution has been to negotiate payment for access back into the systems. Akira normally start at around £4million, with an average negotiated payout of £2million.
Ultimately, there was nothing that could be done to save or access the systems; the transport company could not raise the money required before September, and on Friday 2nd September they closed their headquarters.
The Outcome
Despite the scale of the attack, it was preventable. Two factor authentication would have provided a vital barrier of defence, forcing the hackers to overcome not only the password, but also locate a code supplied via email, phone number or authenticator app to the employee. Up to date systems would have had this procedure in place, and staff should have been trained on how to maintain secure and complex passwords.
Cyber security consultant and haulage company owner Paul Abbott said that the directors didn’t have a full understanding of the risks associated with cyber attacks. The tools required to successfully safeguard a business’s IT systems are available and not expensive, not as expensive as a breach.
After the hack, administrators handling the closure of Knights of Old informed some workers they would not be paid. 80 former staff then legally claimed against the company. Knights of Old sold their premises in a near £8million deal. 500 trucks came off the road, and 750 staff were left jobless and feeling let down by the ownership.
This incident was just one of 19,000 ransomware attacks which took place in 2023. Many companies do not report attacks, even paying ransoms without reporting them, so this number could be much larger.
The Benefits of being insured by Romero Insurance
An attack of this scale can happen to anyone at any time. Clients of Romero Insurance are advised to invest in cyber insurance. Cyber insurance is able to cover the cost of business interruption caused by a cyber attack, as well as a rebuild of your security systems in the event of a breach. The benefits of cyber insurance also includes comprehensive guidance on how to prevent an attack and how to sustain good cyber hygiene.
Romero Insurance are a decorated insurance broker with over 20 years experience of managing large corporate and commercial businesses, as well as SMEs and private clients. We offer extensive documentation and guidance on cyber security issues, including recommended programmes and providers for companies. We stay on top of emerging threats, ensuring our clients are best protected. Our in house claims team are experts at handling stressful and high-profile claims.
For more advice on your cyber security and to access our risk management services, contact Romero Insurance. For employee training on cyber awareness, and learning materials, let us know. To update your policy, or to check your cyber insurance details, get in touch today.
