Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed

Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed

Update2: Mak Man in a new status update has said that no financial information was accessed during the hack of Database, and no information was dumped and stored locally. He also said that exploit script was just a POC to highlight the issue which was grabbing the details directly from their DBMS.

mak man

Update1: Few hours after posting searchable database link of Gaana user details on his Facebook page, Mak has now removed it from his website on request of Times Internet CEO Satyan Gajwani.

gaana hacked

Before:

Indian music streaming service Gaana has been hacked by a Lahore based hacker who goes by the name of Mak Man. The hacker, Mak Man has also posted a searchable database link of Gaana user details on his Facebook page. The development was first reported by TheNextWeb.

The hack appears to be a SQL injection-based exploit of Gaana’s systems. Enter a user’s email id and it outputs their full name, email address, password, date of birth, Facebook and Twitter profiles and a lot more. The database shows more than 12.5 million users are currently registered on Gaana.

Gaana-hack-database

Mak Man also posted images of the service’s admin panel.

Gaana Admin Panel

Gaana Hacked Admin Panel

Since the story broke, Gaana has taken its site offline and the exposed database isn’t returning search results when we queried it with test data.

gaana-down

Looks like the database has been patched and the queries are no longer working. However the hacker latest status update on Facebook, mischievously suggests that there might be more vulnerabilities in Gaana’s system and this might just be the beginning.

Screen-Shot-2015-05-28-at-3.46.00-pm

It is shocking to see that giants like Times are also vulnerable to such exploits, risking millions of users data and privacy. Gaana has reportedly over 7.5 Mn monthly visitors and over 10 million active users.

Apart from Gaana, other music streaming companies in India include Saavn, Airtel’s Wynk, Hungama, Vodafone Music among others. Earlier this year,  audio streaming company Rdio had launched in India, with a catalogue of 32 Mn songs in 43 language, previously, Rdio had acquired Pune based Dhingana. Recently, Hungama had crossed a milestone of having 50 Mn+ monthly active users on its platform with aim to cross 100Mn MAUs by March 2016. Also, Australian music streaming service i.e. Guvera claims to have over 3 Mn users in India.

Related: Gaana Vs Saavn – Who’ll Become The Spotify Of India?

Satyan Gajwani spoke about this issue on Twitter in a series of tweets:

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed-Inc42 Media
Updated: Times Internet’s Gaana.com Hacked Leaving Over 10Mn User Details Exposed-Inc42 Media
You’re in Good company