2. Brute Force The website could be brute forced, and all the members login details and bank accounts could be leaked.Most sites generally have protection against this, by restricting the amount of logins within a period of time on a IP address.
3. PHP There are ways of exploiting PHP websites, which a hacker could gain access to the login details and leak information.
5. Weak Password If the password is weak, the password could possibly be guessed by someone who may know some of the members of staff who work there.
6. Server There could be a theft and the server could be stolen. The theif could access the data and have access to thousands of bank details. To reduce the risk, the servers should be in a secure building, with a locked door to the server room.
7. Passwords Passwords can be obtained by a few ways. Brute Force can be a way to crack the password, along with simply guessing the password.If you know the person, you may be able to guess their password. To prevent this, pick a password that isn’t easily guessable by anyone, and try and use numbers and symbols in the password to make it harder to guess and a lot harder by a brute force attack. Passwords with numbers and symbols can change brute force attacks from hours into millions of years.
8. Access Rights & User Permissions Within a system, if the wrong access rights are given, it could give a user access to view data that they shouldn’t be able too, or it could give a user access to change or delete data.