Indian streaming service Gaana hacked, and taken offline

gaana downIndian music service Gaana suffered an invasive hack of its membership files, and the service is shut down while the problem is assessed and remedied.

We hear about large-scale attacks on back-end company systems. Retail store Target was hacked in 2013, when 40-million customer files, including financial information, were compromised. The results was a spike in credit-card fraud. This month the resulting class-action lawsuit was adjudicated, in a decision that could reimburse each victim up to $10,000 in damages. (Since actual documented personal damage is likely to be much lower in most cases, Target’s total reimbursement bill is likely to be fairly low.)

Gaana has 7.5-million users, all of whom were affected by this week’s hack. The company has confirmed that no financial information was included in the data spill.

Interestingly, the culprit is wide open about the exploit, documenting when and how he accomplished the intrusion on his Facebook page. “I here by [sic] confirm that no financial information was accessed during the hack of Gaana.com .. Database was so huge that i didn’t even bother looking.” The individual, called Mak Man, posted this morning. This person further denied published reports that anybody could access the information: “No body grabbed bulk details through my POC script as it was CAPTCHA protected and it had the ability to ban an IP having automated (BOT) behavior .. Most of the News Websites/Blogs have posted false information about the hack.”

Brad Hill