Skip to main content

GAANA.COM HACKED !!!!


Why there in an urgent need of security experts in India! GAANA.COM GOT HACKED

If you have'nt heard about the news of Gaana.com getting hacked this week , you are either probably living in a den or you don't follow tech news at all. Gaana.com is a Timesgroup venture which is one of the biggest business groups in india with billions in revenues and apparently a hacker from Pakistan named “Makman” hacked it with a method called Sql injection  ,which bytheway is so common that every teenager in ethical hacking and security starts his career by learning the same. Data of approximately 10 millions users was compromised and hacker posted the link to a searchable database of Gaana user details on his Facebook page, with images of the service's admin panel.Anybody could access all the information of the users by just entering the email. It sound strange that a large company like TimesInternet did'nt have a pentesting or security team to deal with such issues  because of which such an exploit could be found easily.

What happened next is even more interesting. Mr Satyan Gatwani ,the CEO of timesinternet , interacted with the hacker on his facebook page, and in a hurry to save himself and his company from the embarassment,even offered to hire the same hacker as a security consultant.


The website was removed and the hacker officially posted a tweet declaring that no data was used or stored locally. But the bigger issue here still remains unsolved.  How could companies compromise on the security front of the technology ? Is there still a shortage of talent in the security sector?
With major players like CSSRL Laboratories coming in the market, the issue of talent is getting resolved but all the companies need to wake up before it's too late. To spread the skills across, CSSRL Laboratories has initiated Global Partnership Initiative to offer best of Franchise Opportunities to Entrepreneurs and Investors across, to create a Globe Enveloping IT Security Community. In this case , no harm was done. But we should not wait for the day when users have to suffer because of the fact that companies didn't have a proper security team.

- Naman Sharma

Comments

Richa Sharma said…
Because of less knowledge of Information Security this happened.

Popular posts from this blog

Is Cyber Security career possible for me?

Perhaps in recent past you had shown interest in getting trained in Cyber Security. But could not make up your mind as there were some questions or concerns which prevented you from taking a decision.
We know that the Cyber Security Industry is growing. There is a lot of scope in it in future. It is the right time to start a career in cyber security.But is it for me? Can I make it? Where do I start? Do I need to give up my current career and start fresh? These are some of the questions which many of us face when we consider opting for Cyber Security as a career.
We have compiled for you some frequently asked questions below which people ask and the answers for the same.
What is the eligibility for studying cyber security? What if I am not from IT background?At CSSRL we have a range of courses in cyber security for people with different educational backgrounds and interests. Our counselor will be able to guide you to choose the course that is best fit for you, if you decide to enter in th…

CAREER AFTER 12TH IN CYBER SECURITY

Q. What isCYBER SECURITY? Ans. Cyber Security is the body of Technologies, processed and practices designed to protect Network, Computers programs & data from attack, damage or unauthorized access. In a computing context, the term security implies Cyber Security.  
Q. WhyCYBER SECURITYis Important? Ans. The increasing Volume & Sophistication of Cyber Security threats – including targeting phishing scans, data theft and other online vulnerabilities – demand that we remain vigilant about securing our Systems & Information.

Why CSSRL's Virtual classroom methodology is different from typical "online courses"

Professional Training in Cyber Security is still a niche area in education industry and not many organisations are able to provide it to the level which is useful for the trainees in starting or advancing their career in this field. For those who want to get trained in this domain, the biggest challenge is to find a program "nearby" which is convenient to attend. Unfortunately, unlike most of the usual training programs which are available with a few kilometers from home or workplace or otherwise generally in same city where they live, we do not find good training programs in cyber security with such abundance. As shifting to other city or attending a training program far from convenient distance, or at a schedule which does not clash with existing profession, is not feasible for most of us, Virtual mode is the best option (or the only option, for many of us).
Apart from location and schedule, other benefits of online training include, self-paced training(repeat a module as…