According to Mak Man, there was security vulnerability on Gaana.com servers and he had reported the flaw to the administration with complete details, however, Gaana.com didn’t respond to the vulnerability report and decided to ignore the reports altogether.
In response to which, to wake up the management, he defaced the website and hacked the user data of over 12 million registered users of Gaana.com and posted it on internet.
Mak Man confirmed that no financial data was stolen or even read. He later on removed the data of 12 million users from internet after CEO of the company — that manages Gaana.com — apologised for ignoring Mak Man’s reports and requested to remove users’ details.
Below is what CEO of Times Internet said:
Hi, I’m Satyan, CEO of Times Internet, which runs Gaana.
First of all, I’d like to apologize personally if you had shared these reports and we didn’t respond earlier. Totally unacceptable by us, and I’m looking into it.
Second, I don’t think your intention is to expose personal information about Gaana users, but to highlight a vulnerability. Consider it highlighted, and we’re 100% on it. Can I request that you take down access to the data, and delete it completely?
And finally, if possible, I’d appreciate if we could hire you as a consultant to help us find any more vulnerabilities across our network, so that we can keep our products as secure as possible. If you’re interested, message me directly, as I’d be very grateful for your advice.
Thanks, Satyan
0 comments:
Post a Comment