A Pakistan based hacker named – Mak Man – revealed on Thursday that he hacked the most popular Indian music site Ganna.com and access to the user database of the site.
A hacker from Lahore, Pakistan, yesterday on his official Facebook announced that he was the person who hacked the official site of most popular Indian streaming website Gaana.com. Mak Man also uploaded the some of the record he grabbed from the database of the website that contains details of over 10 million users. The user data include personal information like email addresses, Facebook and Twitter profiles, date of births and hash passwords.
Satyan Gajwani, the CEO of Times Internet and owner of Gaana.com has confirmed that website’s database was hacked but claimed most of the users data had remained safe.
In his tweet, Gajwani said, “A couple of hours ago, a hacker name Mak Man exposed a vulnerability in one of our Gaana user databases. Here’s where things stand.” “Most of our users’ data has not been compromised, but we’ve reset all Gaana user passwords, so all users have to make new ones.”, he added.
A couple of hours ago, a hacker name MakMan exposed a vulnerability in one of our Gaana user databases. Here’s where things stand: 1/n
— Satyan Gajwani (@satyangajwani) May 28, 2015
No financial or sensitive personal data beyond Gaana login credentials were accessed. No third party credentials were accessed either. 3/n — Satyan Gajwani (@satyangajwani) May 28, 2015
As we understand, the data has not been accessed or shared with anyone; MakMan was highlighting the issue, which we’ve recognized. 4/n
— Satyan Gajwani (@satyangajwani) May 28, 2015Advertisements
In response to continuous tweets of Gajwani, Mak Man retweeted, “I hereby confirm that no financial information was accessed during the hack of Gaana.com. Database was so huge that i didn’t even bother looking (Hell I didn’t even know If it was there.. and no information was dumped and stored locally .. not even a single row. The exploit script was just a POC to highlight the issue which was grabbing the details directly from their DBMS and I repeat again information was not stored locally . Finally No body grabbed bulk details through my POC script as it was CAPTCHA protected and it had the ability to ban an IP having automated (BOT) behavior. Most of the News Websites/Blogs have posted false information about the hack.”
Gaana.com is working normal now but official Facebook page of Mak Man and its all content has been removed by Mak Man. However, his Twitter account is still operational.
Tweets by Mak Man:
— Mak Man (@themakmaniac) May 27, 2015
— Mak Man (@themakmaniac) May 28, 2015