Indian music streaming website Gaana.com was hacked by a netizen who goes by the name Mak Man on Thursday May 28. It was later discovered that the hacker belonged to Pakistan, and is based in Lahore.
Interestingly, the CEO later offered the hacker a job at Gaana.com to help find other issue on the website. After hacking the website, ‘Mak Man’ shared the news on Facebook, according to Business Standard, and wrote: "Mak Man
[SQL injection] Gaana.com - http://makman.tk/gaana.php
Alexa rank: 121 (India)
Number of user records in database: 10 million+
Exploit POC: http://makman.tk/gaana.php
POC details: Enter the email address of the user (registered on gaana.com) to get all the details."
Gaana.com which belongs to the Times internet and has 10 million users remained offline for hours after which the CEO of Times Internet accepted that the site had been hacked and also said that the hacker discovered exploits existing on the site.
He later tweeted that the exploits had been successfully patched and requested that all user change their passwords. He revealed that no user data had been compromised.
The CEO even reached out to the hacker and said: "Hi, I'm Satyan, CEO of Times Internet, which runs Gaana. First of all, I'd like to apologise personally if you had shared these reports and we didn't respond earlier. Totally unacceptable by us, and I'm looking into it."
Mak Man alias Sajja Ahmad also responded and said: "Hello Satyan! It's good to see that you took notice of the issue before it was too late. You are right; our intention was not to disclose any private information of the users but to highlight the issue. The vulnerability was reported to the technical head of the website several times but he failed to fix it.
Anyhow, the page exposing the information has been taken down permanently. Direct requests from that page were generated to the gaana.com server to extract the information. We assure you no data from the website database was saved anywhere. Mak Man will message you for further discussion."
Later the CEO tweeted that the hacker has removed the database of #amankiasha, a Times Group initiative; started for maintaining harmony between India and Pakistan.
Mak Man also posted on Facebook explaining that he did not intend to hack the financial information from Gaana.com and did not save any data elsewhere.
Interestingly, Gajwani offered the hacker a job at Gaana.com to help find other issue on the website.
The article originally appeared on IBTIMES