India’s most famous music site, Gaana.com was hacked by, a hacker nicknamed, Mak Man (nickname). On Thursday, the site was down for several hours as the site was hacked by a Pakistani hacker.
This hack was revealed by him on his Facebook page.
The picture above is of a database, as claimed by Mak Man, containing information and details of more than 10 Million users currently registered on Gaana.com. The data contained user names, emails, passwords, Facebook & Twitter profiles too.
However, the hacker’s intention was not to exploit the information. According to Mak Man, he informed the officials about the problem but no one considered them to which the CEO of Times Internet apologized in a Facebook post saying:Hi, I’m
Hi, I’m Satyan, CEO of Times Internet, which runs Gaana.com
First of all, I’d like to apologize personally if you had shared these reports and we didn’t respond earlier. Totally unacceptable by us, and I’m looking into it.
Second, I don’t think your intention is to expose personal information about Gaana users, but to highlight a vulnerability. Consider it highlighted, and we’re 100% on it. Can I request that you take down access to the data, and delete it completely?
And finally, if possible, I’d appreciate if we could hire you as a consultant to help us find any more vulnerabilities across our network so that we can keep our products as secure as possible. If you’re interested, message me directly, as I’d be very grateful for your advice.
Thanks, Satyan
To which Mak Man tweeted:
@satyangajwani #makman#gaana#Indiatimespic.twitter.com/N4DvnQt1Rq
— Mak Man (@themakmaniac) May 28, 2015
The hacker is based in Lahore, Pakistan. The hack was an SQL injection-based exploit of Gaana.com and the database has been removed by the hacker.
(You can see it yourself by clicking on the site here).
To ensure the situation the CEO, Mr. Gajwani, tweeted the details and informed about the current situation.
A couple of hours ago, a hacker name MakMan exposed a vulnerability in one of our Gaana user databases. Here’s where things stand: 1/n — SatyanGajwani (@satyangajwani) May 28, 2015
First of all, we have patched the vulnerability within an hour of its discovery, as MakMan has also acknowledged. 2/n
— SatyanGajwani (@satyangajwani) May 28, 2015
No financial or sensitive personal data beyond Gaana login credentials were accessed. No third party credentials were accessed either. 3/n — SatyanGajwani (@satyangajwani) May 28, 2015
As we understand, the data has not been accessed or shared with anyone; MakMan was highlighting the issue, which we’ve recognized. 4/n
— SatyanGajwani (@satyangajwani) May 28, 2015
Most of our users’ data has not been compromised, but we’ve reset all Gaana user passwords, so all users have to make new ones. 5/n — SatyanGajwani (@satyangajwani) May 28, 2015
However, some sources suggest not just changing your password but removing your accounts from the website and changing the password of your email address, Facebook account, Twitter account etc.
Contributed by Atiqa Shaikh.