Music streaming service Gaana.com hacked; personal details of over 10 million users exposed

Posted on Updated on

Update: Gaana.com is currently back online. The hacker MakMan posted the below tweet and stated that no financial details of any user was accessed. The hacker also added that he has not stored any information locally.

Music streaming service Gaana.com hacked; personal details of over 10 million users exposed
Music streaming service Gaana.com hacked; personal details of over 10 million users exposed

One of India’s popular music streaming service Gaana has been reportedly hacked and its massive database, about 10 million users, has been compromised. The hacker goes by the name MakMan who appears to be based in Lahore, Pakistan who posted a link to his Facebook page of what appears to be the entire database of Gaana.com’s users containing personal details.

The reason behind the hack is unknown. If a person enters the registered email address of a Gaana.com account, they can have access to their full name, email address, date of birth, MD5-encrypted password, along with Facebook & Twitter profiles as well. According to a report by The Next Web, the hack appears to be a SQL injection-based exploit of Gaana’s systems.

The hacker had updated his database page with the following message:“The vulnerable parameter I was using here, has been patched by the Admin. Now the question is, Was this the only vulnerable parameter I had .. ? ;)”

However, when we checked, the following message appeared.

Capture23

In any case, users are advised to not simply change their Gaana.com password but rather deactivate their account till the problem is solved. Also, users should change their email, Facebook and Twitter passwords if they’re the same as on Gaana.com. At the moment, there is no official statement from Times Internet Limited, which owns Gaana.com. As of now, website displays, “Site is down due to server maintenance. We will be back shortly. Kindly bear with us till then”.

Source:tech.firstpost.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s