When you think of hackers, you probably picture sleazy underworld characters intent upon disrupting business operations and stealing identities. And yes, that’s typically an accurate assessment. But there are actually groups of hackers who consider themselves to be acting for the greater good! They call themselves “friendly hackers”, and they work to notify organizations of potential vulnerabilities before the bad guys can discover and exploit them.
The friendly hackers who do this type of work do not exploit the information they find, but rather inform affected companies of the potential for trouble so that they can take steps to quickly remedy the situation.
Earlier this year a platform called HackerOne, composed of friendly hackers, discovered and disclosed a potential security problem to Ford Motor Company. Researchers were able to gain access to Ford’s databases, confidential company records, and confidential customer information. According to a blog called bleepingcomputer.com, which monitors and reports on friendly hacking events, the “data exposure stemmed from a misconfigured … customer engagement system running on Ford’s servers.”
Discovered earlier this year, the vulnerability was only just publicly disclosed by Ford this week. The company released the following statement:
“Based on evidence provided to Ford and our internal investigation, we don’t believe any sensitive personal information about employees or customers was accessed or compromised in this instance, which was identified and addressed nearly six months ago,” Ford spokesman T.R. Reid said. “The safety and trust of customers and employees is a top priority for our Ford cybersecurity team and processes.”
The good news is that a large potential security breach has been averted, both for Ford and its customers. But of course, you don’t want to wait on friendly hackers to test your system and inform you of potential dangers. Give us a call at 888-RING-MY-TECH and we’ll assess your system now. Then, based on what we find, we can recommend additional security steps to help secure your system, so that you can keep sensitive data safe from prying eyes.