CCAvenue denies hacking attack

CCAvenue denies hacking attack
Highlights
  • Hackers claim to have hacked CCAvenue, an online commerce service provider in India, by exploiting “SQL injection vulnerability”.
Advertisement
Online commerce service provider, CCAvenue, has denied that its portal has been hacked.

Vishwas Patel, CEO,  CCAvenue told NDTVGadgets, "I confirm that the image posted by a hacker is a spoofed, self-created one and not that of our database and it has been created just to create panic and defame our company. We are in the process of filing a criminal complaint against the unknown hacker for the slander and malicious campaign run against our company."

Earlier today, we reported that a hacker claimed to have broken into CCAvenue by exploiting "SQL injection vulnerability".  The hacker, identifying himself as d3hydr8, submitted what he called a full disclosure of his attack on HackerRegiment.com. The "report" included what the hacker said were all the admin usernames and passwords of the CCAvenue portal.

In what was his first reaction on this,  Vishwas Patel said, "First and most [we] would like to say that this a slanderous campaign that is targeting CCAvenue. Based on our initial investigations by our security officials, we confirm that no hack has happened of our servers at 1515 hours on 04th May 2011 by the following person, as claimed in his article. We also confirm that  that the screenshot is not of our live database as the Apache version on live server is 2.2.17 (Updated more than 5 months ago) and not 2.2.14 (as claimed by the hacker). We also confirm that all the passwords of our merchants and all login credentials in our live database are encrypted and stored in our database and not in text format as claimed by the hacker."

He also assured that, "We don't store credit card details or Netbanking account details on our servers."

HackerRegiment has published the details submitted by the hacker but has maintained discretion by blurring the "passwords". The information published includes a list of databases, some information on tables within the databases, and screenshots of the administrator usernames and passwords.

HackerRegiment.com also claims to have reported the issue to CERT (Computer Emergency Response Team) India to help CCAvenue take corrective action before any information is released through any other media.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Shemaroo to stream Hindi movies on YouTube
Anonymous denies involvement in Sony data theft
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »