Major corporate security breaches and how pen testing could have prevented them

Hackers are continually learning and improving their skills to maximise their ability to gain access to personal accounts and even company assets in a matter of seconds.

Twitter accounts of people in the public eye are frequently hacked in a bid to blackmail or spread misinformation on a wider scale. This most recently happened to Indian tycoon Vijay Mallya, who had all of his assets published on Twitter against his will.

Not even well-established companies are safe from hackers, which is why penetration testing is essential to highlight the weaknesses in their security systems. Without these tests, huge – not to mention hugely costly - information breaches can occur.

TalkTalk’s password and personal information theft

One of the highest-profile hack attacks to happen in recent history was the breach of TalkTalk’s security systems – not once, but twice.

The October 2015 hack exposed the bank account information of nearly 157,000 customers. However, it wasn’t carried out by a team of seasoned adult criminals, but instead by two boys – one 16 and the other 15 years old.

The most recent attack gave the hacker access to customers’ TalkTalk routers, leading to their infection with a new type of Mirai malware, which repurposes the routers as DDoS bots capable of performing even more malicious attacks on other companies.

A penetration test from someone inside or outside the company could have highlighted the openings that the culprit used to access TalkTalk’s database. Such pen testing may have thereby enabled TalkTalk to carry out the fortification measures needed to better protect itself.

Tesco Bank’s £2.5 million heist

What’s particularly unfortunate about this story is that Tesco was informed about the insecurity of its systems. A data collection firm showed there were weaknesses that could grant access to hackers, with that information being traded on the dark web.

Tesco seemingly ignored the warnings completely because the bank was recently robbed of £2.5 million, all taken from roughly 9,000 of its account holders.

Keep your business protected

Sec-Tec penetration testing will put your security system in safe hands. It’s far better for us to penetrate your system instead of a hacker, because we follow a plethora of commonly used techniques for gaining access to companies’ systems to ensure that you stay well-protected against malicious attacks, no matter how hackers try to gain access.

Our job here at Sec-Tec doesn’t stop once we’ve found the weaknesses in your security systems. We will also provide invaluable advice on what you or your organisation needs to do to help ward off the possibility of future attacks.

Learn more about how you can keep your valuable data and assets safe by getting in touch with the friendly, professional and highly capable Sec-Tec team today.