HDFC Bank DataBase – Hacked

Security is one of the most important concerns for online portals and especially for Banks. HDFC bank which is one of the largest banks in India, was a victim of one of the security issues.

HDFC bank website hacked security issues in bank

The customer database of HDFC bank was hacked and it took the bank 22 days to respond to such critical situation. Few days before, we saw the incident of CCAvenue being hacked, but now it was turn for HDFC bank.

According to zSecure, the hackers were able to access the entire database of HDFC which is very sensitive. The database had a critical SQL injection vulnerability which the hackers were able to exploit.

Indias leading bank HDFC Bank database snapshot website hacked security  issues

The vulnerability was seen on 15-July-2011 and finally after 22 days, the issue was finally fixed. It shows the carelessness, we would say, to fix such the issue taking so much time.

Following are the details:

  • Website: www.hdfcbank.com
  • Vulnerability Type: Hidden SQL Injection Vulnerability
  • Database Type: MSSQL with Error
  • Vulnerability Discovered: 15-July-2011
  • Alert Level: Critical
  • Threats: Complete Database Access, Database Dump, Shell Uploading
  • Current status: Fixed.

Leave a Reply

Your email address will not be published. Required fields are marked *