Indian music streaming service Gaana, which has over 7.5 million monthly visitors, has been comprised by a hacker and its user information database is now exposed.
The hacker, who goes by the moniker Mak Man and appears to be based in Lahore, Pakistan, posted a link to a searchable database of Gaana user details on his Facebook page. Enter a user’s email address and it spits out their full name, email address, MD5-encrypted password, date of birth Facebook and Twitter profiles and more.
The hack appears to be a SQL injection-based exploit of Gaana’s systems, but the intention behind it is unknown. The database shows more than 12.5 million users are currently registered on Gaana.
Mak Man also posted images of the service’s admin panel.
It’s worrying that an online service from one of India’s biggest internet companies (Times Internet) is vulnerable to attacks like this.
With user details exposed, it may not do much good to simply change your Gaana password, as it will reflect in the hacker’s database. You’re better off deactivating your account until the issue is resolved, and changing your email, Facebook and Twitter passwords if they’re the same as on Gaana right away.
We’ve contacted Gaana and Mak Man to find out more and will update this post when we hear back.
➤ Gaana [via The Geek Byte]
Read next: The bug that can crash iPhones with a single message is back
from The Next Web http://feedproxy.google.com/~r/TheNextWeb/~3/M3sEghtKbyE/
via IFTTT
0 comments:
Post a Comment