Banking industry giant HDFC Bank may have recently suffered a hack affecting its critical customer database system. According to a blog post on ZSecure, which claims to be a dedicated IT Security Research Group, its ethical hackers discovered a critical threat (Hidden SQL Injection Vulnerability) on HDFC Bank’s website on July 15. According to the bloggers, they immediately notified the bank through an e-mail. This Hidden SQL Injection Vulnerability had apparently endangered HDFC Bank’s customer database, and the blog further claimed that the vulnerability allowed hackers to gain total control over information they wished to plunder. Hackers could create a dump and easily carry out shell uploading, too.
The blog post further revealed that the bank replied to the e-mail notifying it of the critical vulnerabilities a good 22 days later. And while HDFC Bank claimed the vulnerability had been fixed and even tested by a third-party service provider, the blog claims this was not true, and that it was only a further e-mail with complete details that resulted in HDFC Bank removing the vulnerable file from its web server. ZSecure questions how even a third-party provider could not find the vulnerability after being warned.