17 Breaches – Internal Network Pentest Could Have Prevented

DateCompanyHow BreachedCompany URLNews Article
2013-12-19TargetMalware on Point-of-Sale systemsTargetTarget Data Breach – CNBC
2014-09-02Home DepotMalware in point-of-sale systemsHome DepotHome Depot Confirms Breach – KrebsOnSecurity
2017-09-07EquifaxExploited a vulnerability in website softwareEquifaxEquifax Data Breach – The Guardian
2013-12-21AdobeCyber-attack, exposed user dataAdobeAdobe Hack – Forbes
2018-03-30FacebookImproper sharing of user data by third-party appsFacebookFacebook-Cambridge Analytica Scandal – The Guardian
2018-09-25MarriottUnauthorized access to the Starwood guest reservation databaseMarriottMarriott Data Breach – BBC
2012-06-06LinkedInStolen passwords through a cyber-attackLinkedInLinkedIn Data Breach – Forbes
2016-09-22YahooStolen account information and passwordsYahooYahoo Data Breach – The New York Times
2017-03-15UberHackers stole personal data of 57 million usersUberUber Data Breach – Reuters
2017-07-29HBOCyber-attack, data of unreleased episodes leakedHBOHBO Hack – Variety
2019-07-29Capital OneExploited a vulnerability, exposed credit card dataCapital OneCapital One Data Breach – The Washington Post
2018-07-12TicketflyWebsite vulnerability, exposed customer dataTicketflyTicketfly Data Breach – TechCrunch
2014-08-31JPMorgan ChaseCyber-attack, compromise of customer dataJPMorgan ChaseJPMorgan Data Breach – CNN
2016-08-02DropboxBreach through a third-party serviceDropboxDropbox Data Breach – The Guardian
2019-07-18Capital OneInsider threat, exploited a misconfigured firewallCapital OneCapital One Breach – Forbes
2014-11-24Sony Pictures EntertainmentCyber-attack, leaked confidential informationSony PicturesSony Pictures Hack – BBC
2019-05-31First American Financial CorpUnsecured access to sensitive documentsFirst AmericanFirst American Data Leak – KrebsOnSecurity

Data breaches have become an unfortunate reality for businesses, and individuals alike and can be prevented with the epnoymous – internal network pentest. These incidents not only compromise sensitive information but also raise concerns about the security measures in place. In this article, we’ll delve into 12 notorious data breaches, exploring how they occurred and drawing insights from network penetration testing – a crucial practice for identifying and addressing vulnerabilities.

Introduction – Breaches are a failure of good Internal Network Pentest

Data breaches have significant consequences, ranging from financial losses to reputational damage. Understanding the mechanics of these breaches is essential for improving cybersecurity strategies. Network penetration testing, commonly known as pentesting, involves simulating cyber-attacks on a computer system, network, or web application to identify vulnerabilities before malicious actors can exploit them.

1. Target (2013)

How It Happened:

The Target data breach in 2013 was a wake-up call for the retail industry. Attackers gained access to Target’s network through a third-party HVAC contractor. They exploited vulnerabilities in the network, installing malware on point-of-sale (POS) systems. The breach exposed 40 million credit and debit card records.

Pentest Insights:

A simulated pentest of Target’s network might involve probing third-party connections for weaknesses. Using a tool like Nmap, testers could scan for open ports and services, mimicking potential entry points for attackers.

nmap -p 80,443,22,21 third-partycontractor.com

2. Equifax (2017)

How It Happened:

Equifax, one of the major credit reporting agencies, suffered a massive data breach in 2017. Attackers exploited a vulnerability in the Apache Struts web application framework. This allowed unauthorized access to sensitive information, compromising the personal data of 147 million people.

Pentest Insights:

Pentesters would scrutinize web applications for vulnerabilities. Using OWASP’s ZAP tool, they might identify and exploit weaknesses in the web application similar to the Apache Struts vulnerability.

# Example ZAP script for identifying vulnerabilities
./zap.sh -quickurl http://equifax.com -quickprogress -quickexit

3. Uber (2017)


How It Happened:

Uber faced a significant data breach in 2017 when hackers stole the personal information of 57 million users. The company paid a ransom to keep the breach quiet. The attackers gained access to Uber’s GitHub repository, where they found credentials for the company’s AWS environment.

Pentest Insights:

A simulated pentest might involve evaluating the security of code repositories. Pentesters could use tools like Gitrob to search for sensitive information in public repositories.

gitrob -github-token <your_token> -v <organization/repo>

4. Capital One (2019) – Network Pentest

How It Happened:

Capital One experienced a breach in 2019 due to a misconfigured web application firewall (WAF). An insider exploited this vulnerability, gaining unauthorized access to sensitive customer data, affecting over 100 million people.

Pentest Insights:

Pentesters might examine WAF configurations and conduct tests to ensure proper security measures. Tools like ModSecurity provide a web application firewall that could be tested for misconfigurations.

# Example ModSecurity rule for testing WAF
SecRuleEngine DetectionOnly

5. Marriott (2018)

How It Happened:

In 2018, Marriott faced a data breach stemming from unauthorized access to the Starwood guest reservation database. The attackers had access since 2014, compromising personal details of approximately 500 million guests.

Pentest Insights:

Simulated pentests could involve testing for database vulnerabilities. Tools like SQLMap can identify and exploit SQL injection vulnerabilities.

sqlmap -u "http://marriott.com/reservation?id=123" --dbs

6. Yahoo (2016) – Network Pentest

How It Happened:

Yahoo’s 2016 data breach exposed the account information and passwords of 3 billion users. Attackers exploited a weakness in the company’s security infrastructure.

Pentest Insights:

Pentesters might examine authentication mechanisms, simulating attacks using tools like Hydra to test password strength and integrity.

hydra -l <username> -P <password_list> -e nsr -t 16 -w 30 -V -f -o results.txt smtp://yahoo.com

7. Facebook-Cambridge Analytica Scandal (2018)

How It Happened:

In 2018, Facebook faced scrutiny for allowing the improper sharing of user data with third-party apps, notably in the Cambridge Analytica scandal.

Pentest Insights:

Simulated pentests could involve assessing the permissions and data access of third-party applications, similar to Facebook’s Graph API. Tools like Burp Suite can be used for comprehensive testing.

# Burp Suite example
./burpsuite.sh -project /path/to/project.burp -scan "https://facebook.com/app?app_id=123"

8. LinkedIn (2012) – Network Pentest

How It Happened:

LinkedIn suffered a data breach in 2012 when attackers stole passwords through a cyber-attack. Weak encryption and inadequate password storage practices were major contributors.

Pentest Insights:

Pentesters might assess password storage mechanisms. Tools like John the Ripper can be used for testing password hashes.

john --format=md5 --wordlist=passwords.txt hashed_passwords.txt

9. Adobe (2013)

How It Happened:

In 2013, Adobe experienced a cyber-attack that exposed user data. Attackers accessed Adobe’s internal systems, compromising sensitive information, including user IDs and encrypted passwords.

Pentest Insights:

Simulated pentests could involve testing for server vulnerabilities. Tools like Nessus can scan for potential weaknesses.

nessus -q -T html -X -i target_ip -p 1-65535

10. Dropbox (2016)

How It Happened:

Dropbox faced a data breach in 2016, revealing that over 68 million user accounts were compromised. The breach occurred through a third-party service with weak security.

Pentest Insights:

Pentesters might assess third-party integrations. Tools like Metasploit can simulate attacks on services that may have weak security configurations.

use auxiliary/scanner/http/smb/ms17_010_eternalblue
set RHOSTS <target_ip>

11. JPMorgan Chase (2014) – Network Pentest

How It Happened:

JPMorgan Chase faced a significant cyber-attack in 2014, compromising the accounts of 76 million households and 7 million small businesses. The breach exploited vulnerabilities in the bank’s security systems.

Pentest Insights:

Simulated pentests could involve testing for network vulnerabilities. Tools like Wireshark can be used for analyzing network traffic and identifying potential threats.

wireshark -i eth0

12. Ticketfly (2018) – Network Pentest

How It Happened:

Ticketfly’s 2018 data breach occurred due to a website vulnerability. Attackers exploited a weakness in the company

‘s online ticketing platform, exposing customer data.

Pentest Insights:

Pentesters might assess web application vulnerabilities. Tools like OWASP Zed Attack Proxy (ZAP) can identify and address security issues in web applications.

# OWASP ZAP example
./zap.sh -quickurl http://ticketfly.com -quickprogress -quickexit


These 12 data breaches provide valuable lessons for organizations aiming to strengthen their cybersecurity posture. Network penetration testing, when conducted regularly and comprehensively, helps identify and mitigate vulnerabilities before malicious actors can exploit them. The ever-evolving threat landscape demands constant vigilance and proactive measures to safeguard sensitive information. By learning from past breaches and incorporating effective security practices, businesses can better protect themselves and their users from cyber threats.


Leave a Reply

Your email address will not be published. Required fields are marked *