Home / News / Gaana.com is back online; personal details of over 10 million users exposed due to hack

Gaana.com is back online; personal details of over 10 million users exposed due to hack

gaana-624x351

Update: Gaana.com is currently back online. The hacker MakMan posted the below tweet and stated that no financial details of any user was accessed. The hacker also added that he has not stored any information locally.

@themakmaniac mak you’re an inspiration for many now. Hope @satyangajwani all assets are save. Collaboration is the key! 🙂

— umer hafeez (@bloggerumer) May 29, 2015

A couple of hours ago, a hacker name MakMan exposed a vulnerability in one of our Gaana user databases. Here’s where things stand: 1/n

— Satyan Gajwani (@satyangajwani) May 28, 2015

First of all, we have patched the vulnerability within an hour of its discovery, as MakMan has also acknowledged. 2/n

— Satyan Gajwani (@satyangajwani) May 28, 2015

No financial or sensitive personal data beyond Gaana login credentials were accessed. No third party credentials were accessed either. 3/n

— Satyan Gajwani (@satyangajwani) May 28, 2015

As we understand, the data has not been accessed or shared with anyone; MakMan was highlighting the issue, which we’ve recognized. 4/n

— Satyan Gajwani (@satyangajwani) May 28, 2015

Most of our users’ data has not been compromised, but we’ve reset all Gaana user passwords, so all users have to make new ones. 5/n

— Satyan Gajwani (@satyangajwani) May 28, 2015

One of India’s popular music streaming service Gaana has been reportedly hacked and its massive database, about 10 million users, has been compromised. The hacker goes by the name MakMan who appears to be based in Lahore, Pakistan who posted a link to his Facebook page of what appears to be the entire database of Gaana.com’s users containing personal details.

The reason behind the hack is unknown. If a person enters the registered email address of a Gaana.com account, they can have access to their full name, email address, date of birth, MD5-encrypted password, along with Facebook & Twitter profiles as well. According to a report by The Next Web, the hack appears to be a SQL injection-based exploit of Gaana’s systems.
The hacker had updated his database page with the following message: “The vulnerable parameter I was using here, has been patched by the Admin. Now the question is, Was this the only vulnerable parameter I had .. ? ;)”

However, when we checked, the following message appeared.

Capture231

In any case, users are advised to not simply change their Gaana.com password but rather deactivate their account till the problem is solved. Also, users should change their email, Facebook and Twitter passwords if they’re the same as on Gaana.com. At the moment, there is no official statement from Times Internet Limited, which owns Gaana.com. As of now, website displays, “Site is down due to server maintenance. We will be back shortly. Kindly bear with us till then”.

About techfoogle

Check Also

Google-Pixel-2-XL-2

Google Pixel 2 and Pixel 2 XL launched with Snapdragon 835

The long wait for the latest flagship devices by Google is finally over. Google announced …

Leave a Reply

Your email address will not be published. Required fields are marked *