The Impact of Hacking – A Case Study


In our ever-evolving digital world, businesses are becoming increasingly vulnerable to cyber attacks. In fact, 40% of UK businesses will experience an attack or breach this year, with £3.5m being the average cost of a breach in 2021. Therefore, it is imperative for your business to regularly test its security level and detect any vulnerabilities in your systems – our partner, Fact3, has done just that.

Fact3 are a Manchester-based, co-sourcing solutions company offering customised solutions to SMEs who need support with their accounting, human resources, and IT. Fact3’s philosophy is to deliver a modern approach to co-sourcing, by providing a team of experts in the three critical business areas: Numbers, People, and Systems.


Originally acquiring Cyber Essentials certification from Mitigate Cyber in 2017, they have since performed regular penetration testing, implemented cyber security awareness training, and distributed bespoke phishing campaigns.

Andrew Jackson (Partner at Fact3), “Security of our client data is vitally important to us. We are holding data on behalf of our clients, some of which are in very sensitive industries, it is a major responsibility for us to ensure that data is secure.

Not only does a cyber attack or data breach of your company’s systems result in potential operational downtime or loss of finances, but this can also cause severe reputational damage and loss in market confidence, accounting for 38% of the average cost of a data breach – keeping your client data secure not only keeps you compliant with regulations such as GDPR, but also ensures company retention with existing and future clients is maintained.

Fact3 decided to begin regular penetration testing to ensure any existing vulnerabilities had been identified and resolved, specifically in their HR hub which they offer as a clerk-based solution for businesses to store their HR, personnel files, and other sensitive information. 

At Mitigate Cyber, our penetration tests and CREST-certified ethical hackers aim to identify all known weaknesses in your website, network infrastructure, mobile apps, IoT devices, and even physical security. Our recommended security improvements protect sensitive internal data, your clients’ data, and the internal infrastructure which supports it all. The typical process you can expect when you take out a Mitihack penetration test include: 

  • Step One: Providing us with information on all systems in-scope that require testing.
  • Step Two: Our licenced penetration testers will then assess the in-scope items and identify vulnerabilities.
  •  Step Three: Controlled attacks are then performed to gain access by exploiting the identified vulnerabilities.
  • Step Four: Our penetration testers will see whether they can compromise as many privilege accounts and systems while maintaining access.
  • Step Five: After the test, you will receive a full report along with an in-depth 1:1 meeting to explain the findings and discuss remediations.

Andrew Jackson (Partner at Fact3), “We are aware that businesses are in an extremely vulnerable position, especially due to the pandemic and working adjustments. It still staggers me that there are some organisations who don’t take cyber security seriously – my recommendation would be to get in touch with Mitigate Cyber and understand what they can do for you business.”

 Are you ready to protect your organisation?

For more information, or to speak to a Mitigate Cyber expert, get in contact today!
Scroll to Top