Gaana Hacked But Says User Data Wasn’t Compromised

The hacker who calls himself Mak Man is apparently based out of Pakistan and announced his exploits via a Facebook post. He also shared a link of a searchable database of gaana user information. Since the hack was announced, Gaana has taken down its site and the database does not return results when queried with test data. The hacker also claimed that he used a simple SQL Injection technique to engineer the attack.

Indian music streaming service Gaana was compromised earlier today by a Pakistani hacker going by the name of Mak Man. The hacker further claimed that he was able to extract the entire Gaana user information database and shared a link where one could access the same.

Gaana hacked

Since then, Gaana has taken its site offline and the exposed database isn’t returning search results when queried with test data. Satyan Gajwant, CEO of Times Internet that owns Gaana later Tweeted saying that user data wasn’t leaked and that Mak Man had used it as a way to make the company aware of vulnerabilities in their code.

Satyan Tweet 1 Satyan Tweet 2 Satyan Tweet 3 Satyan Tweet 4 Satyan Tweet 5 Satyan Tweet 6 Satyan Tweet 7 Satyan Tweet 8

In his Facebook post, Mak Man claims to have used a simple SQL Injection technique to engineer the attack and gain access into Gaana’s backend panel. Doing so, he was able to get his hands on the 12.5 million+ user database, which apparently wasn’t exposed in the attack for obvious reasons of user safety and privacy.

Sign Up for NextBigWhat Newsletter