Gaana.com is back online; details of over 10 million users exposed due to hack

One of India's popular music streaming service Gaana has been reportedly hacked and its massive database, about 10 million users, has been compromised.

Update: Gaana.com is currently back online. The hacker MakMan posted the below tweet and stated that no financial details of any user was accessed. The hacker also added that he has not stored any information locally.

https://twitter.com/themakmaniac/status/603922999625003008

In a series of tweets, Satyan Gajwani, CEO of Times Internet said,

https://twitter.com/satyangajwani/status/603870686810083328

https://twitter.com/satyangajwani/status/603870726458847232

https://twitter.com/satyangajwani/status/603870753898024960

https://twitter.com/satyangajwani/status/603870787842535424

https://twitter.com/satyangajwani/status/603870932684386305

One of India's popular music streaming service Gaana has been reportedly hacked and its massive database, about 10 million users, has been compromised. The hacker goes by the name MakMan who appears to be based in Lahore, Pakistan who posted a link to his Facebook page of what appears to be the entire database of Gaana.com's users containing personal details.

The reason behind the hack is unknown. If a person enters the registered email address of a Gaana.com account, they can have access to their full name, email address, date of birth, MD5-encrypted password, along with Facebook & Twitter profiles as well. According to a report by The Next Web, the hack appears to be a SQL injection-based exploit of Gaana’s systems.

The hacker had updated his database page with the following message: "The vulnerable parameter I was using here, has been patched by the Admin. Now the question is, Was this the only vulnerable parameter I had .. ? ;)"

However, when we checked, the following message appeared.

Gaana.com is back online; details of over 10 million users exposed due to hack

In any case, users are advised to not simply change their Gaana.com password but rather deactivate their account till the problem is solved. Also, users should change their email, Facebook and Twitter passwords if they’re the same as on Gaana.com. At the moment, there is no official statement from Times Internet Limited, which owns Gaana.com. As of now, website displays, "Site is down due to server maintenance. We will be back shortly. Kindly bear with us till then".

Tech2 is now on WhatsApp. For all the buzz on the latest tech and science, sign up for our WhatsApp services. Just go to Tech2.com/Whatsapp and hit the Subscribe button.





Top Stories


also see

science