Officials at MicroSolved have posted a detailed explanation of the technique and how it turned into a national issue. The person responsible for the test was on vacation the day that the CDs arrived in the mail. Another employee found the CDs, called the national credit union to report it, leading to the NCUA s alert. The NCUA has been working with the National Security Council to ensure that the tests meet the requirements of the law, which includes the use of social engineering techniques.
Source: https://threatpost.com/microsolved-explains-credit-union-pen-test-082809/72935/