Hackers Took Down This Company Due to a Single Compromised Password
Please use strong and unique passwords on all your accounts.
Last week, we highlighted a story concerning McDonald’s’ AI-powered hiring tool, McHire. The company that manages the tool did not securely configure the credentials, leaving the username and password as 123456 and 123456, respectively. Luckily, researchers found the flaw before hackers, and the company was able to properly secure the McHire portal—sparing roughly 64 million applicants’ data in the process.
McDonald’s got lucky in this situation, but not all companies are so fortunate. Small breaks in cybersecurity practices can lead to devastating consequences, as we see with the company KNP.
As reported by BBC News, KNP was operating normally all the way through 2023. However, sometime in that year, the hacking group Akira broke into their systems. They didn’t need to employ and fancy hacking technique to do so—they simply guessed one employee’s password, which happened to be quite weak.
Once inside the network, Akira encrypted all of KNP’s data, locking the company out of its own system. If KNP wanted back in, Akira demanded a ransom, with a note that read: “If you’re reading this it means the internal infrastructure of your company is fully or partially dead…Let’s keep all the tears and resentment to ourselves and try to build a constructive dialogue.”
Estimates suggest the ransom was as high as £5 million, or $6.47 million USD. KNP didn’t have the funds to pay the ransom, and the data was never returned. The company has since closed.
Ransomware attacks are particularly brutal—large companies might be able to afford the ransoms, but smaller companies certainly cannot. In either case, however, paying the ransom isn’t necessarily the right call. The FBI strong recommends not paying if you are the victim of a ransomware attack. While it may be tempting, there is no guarantee you recover the data hackers stole. Plus, it encourages future attacks, since hackers know they can get away with the payout.
But what can help stop ransomware attacks from happening in the first place is good cybersecurity practices:
- Don’t use weak passwords: use strong passwords that cannot be guessed by humans or computers.
- Don’t reuse passwords: If a hacker discovers your password for one account in a data breach, they’ll try it out on other accounts to see if you’ve reused it.
- Always use MFA whenever possible: Even if a hacker discovers your password, MFA ensures that they cannot log into your account without access to the MFA code, which is usually accessible via a trusted device only you have access to.
Share This
