Gaana.com, one of India’s most popular streaming music sites, was down for many hours on Thursday, apparently after the site’s user database was breached by a Pakistani hacker. The site is now back.
The hacker Mak Man posted on Facebook that he had managed to gain access to details of 10 million users. He posted a screenshot of the SQL exploit used to access the data. Mak Man also claimed he had shared reports regarding this with Gaana.com before.
Interestingly, Satyan Gajwani, CEO of Times Internet which owns Gaana.com, replied to the post on Facebook and said apologised for the company responding to the security concerns raised by Mak Man earlier.
“I don’t think your intention is to expose personal information about Gaana users, but to highlight a vulnerability. Consider it highlighted, and we’re 100% on it. Can I request that you take down access to the data, and delete it completely?” he wrote.
The data has now been removed.Gajwani then took to Twitter to talk about the hacking and said the company was taking the issue seriously and had reset passwords for all customers. He also said no financial or sensitive information has been leaked.
However, when we checked, the following message appeared.
In any case, users are advised to not simply change their Gaana.com password but rather deactivate their account till the problem is solved. Also, users should change their email, Facebook and Twitter passwords if they’re the same as on Gaana.com. At the moment, there is no official statement from Times Internet Limited, which owns Gaana.com. As of now, website displays, “Site is down due to server maintenance. We will be back shortly. Kindly bear with us till then”.