Very appropriate testing
The general public is so naïve that they have no clue as to the current cyber security issues which actually affect them - like their bank account or credit cards or employment or personal identity, etc. The security challenge is monumental and it's going to get worse. IMO it's best to not tell the public and just go ahead with the testing and to implement whatever processes are necessary to achieve the best security possible because it certainly will not be enough to prevent major attacks.
Many people are just as naïve about security as they are about terrorism until it touches them directly as has been the case most recently. It's time to wake up and understand that we live in a new world with many different security issues that never existed previously or on such a large scale.