wordpress blog stats
Connect with us

Hi, what are you looking for?

HDFC Bank’s Database Was Hacked

zSecure, IT security research group, has claimed to have detected vulnerabilities in HDFC Bank‘s website. According to a blog post on zSecure’s security blog, a Hidden SQL Injection Vulnerability was detected by the group on 15th July 2011, that could give hackers access to the bank’s complete database, and lead to confidential user data being compromised. The blog post also features three screen-shots of some MSSQL databases, including a database consisting of information related to the bank’s branches.

The group claims that HDFC Bank took 22 days to respond to it, when it reported the vulnerability to it, and that it was not able to fix it in the first attempt. Later, zSecure sent complete inputs about the vulnerability to the Bank’s security team, after which it was fixed. The group also said that HDFC in its reply mentioned the use of a third-party service provider for its site’s security. Note that MediaNama is unable to verify any of the claims made by zSecure, the authenticity of the screenshots, and whether this level of access indicates a serious security breach.

We do however, feel concerned about access to customers’ bank accounts, since this may lead to not just access to private information but also financial loss, if these reports are true.

Earlier, zSecure had claimed to have detected vulnerabilities in three other Indian websites: Sify.com (screenshots), TimesOfMoney (screenshots)  and brokerage house Sharekhan.com (screenshots), using an SQL injection technique. TimesOfMoney had said that it was protected against any kind of network penetration due to stringent policies followed and that it had once again tested its infrastructure for the named vulnerability, and had seen no evidence of breach.

Other attacks on Indian websites include one on BSNL by the Pakistan Cyber Armyon the Indian Army website and NIC by Anonymous India. Earlier, CCAvenue had denied the authenticity of a hack.

Advertisement. Scroll to continue reading.

Security Breaches On The Rise: Sulekha, Sify, TimesofMoney, ShareKhan
117 Indian Government Websites Defaced Till July

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ