News & Insights

One Weak Password. 158 Years Gone.

Alex Ward

29/8/2025

Risk Control

When long-standing logistics firm Knights of Old collapsed earlier this year, the root cause wasn’t market pressures, bad leadership, or a product recall, it was a single weak password.

Cybercriminals exploited that vulnerability, deployed ransomware, and wiped out both systems and backups. The business, with roots dating back to 1867, couldn’t recover.

This wasn’t just a data breach, it was a fatal blow.

What Happened?
  • A weak password was guessed by attackers, no brute force needed.
  • Access escalated, giving them admin-level control.
  • Backups were deleted, including the cloud copies.
  • Systems were unrecoverable.
  • The company folded, with hundreds of staff made redundant.

The firm believed they were following "industry standards", but in today’s cyber landscape, minimum compliance isn’t sufficient. Prevention and resilience must go further.

What This Teaches Us?

It’s no longer a question of if a cyberattack might happen, but when, and whether your systems, people, and policies are prepared.

This case shows how easily a well-established business can be brought down by a single point of weakness. So how do you prevent that?

  • Use long, complex passwords or passphrases (and ban weak ones).
  • Enforce Multi-Factor Authentication (MFA) everywhere, especially for admin accounts.
  • Restrict access, staff should only access what they need.
  • Isolate and regularly test backups, offline or off-cloud copies are crucial.
  • Invest in endpoint protection, detection & response (EDR) tools.
  • Train all staff in spotting phishing, scams, and red flags.

It’s not about throwing money at cybersecurity, it’s about smart prevention, fast response, and layered resilience.

Where Insurance Fits In

While technical controls are vital, having the right cyber insurance policy in place makes all the difference when the unexpected happens.

Our Cyber Insurance Cover doesn’t just protect your business financially after an incident, it’s designed to help you prevent one in the first place.

✅ Access to expert-led risk assessments

✅ Vulnerability scanning and guidance

✅ Support implementing strong cyber hygiene practices

✅ Full ransomware, data breach, and business interruption protection

✅ Crisis response teams on hand when it matters most

You’re not just covered if something goes wrong - you’re actively reducing the chances that it ever will.

A Modern Wake-Up Call

The fall of Knights of Old is a tragic reminder that cybersecurity is no longer just an IT issue, it’s a business survival issue.

The good news? Many of these risks are avoidable, with the right tools, practices, and support in place.

If your current approach is still relying on outdated standards or "good enough" security, it may be time to review your setup, before someone else does it for you. Why not give us a call to discuss further on 01273 424904.

Back to all news
Business Efficiency
Care Insurance
General Insurance
Risk Control
Services and Packages
Wealth Management
Pollard's Promises
Salford City FC Partnership
About Us
Customer Promise
Insurance Act 2015
Supported Associations
Ask an Expert
Latest News
Case Studies
Our Partners
Resources
01273 424904
hello@qcaregroup.co.uk
Careers
Privacy
Facebook
Twitter
Linkedin
Youtube
Quality Care Group
332 Kingsway
Hove
East Sussex
BN3 4QW
Registered in England & Wales.
Registration No. 6874783.
Quality Care Group is a trading name of Quality Care Insurance Services Limited which is authorised and regulated by the Financial Conduct Authority (FCA) under firm reference number 501676.
You may check this on the Financial Services Register by visiting the FCA's website, https://register.fca.org.uk/ or by contacting the FCA on 0800 111 6768.