New Delhi, India: A server belonging to NIIT GIS Ltd., a joint venture between NIIT-Tech and Esri, compromised using a SQL injection attack by a hacking group calling itself the ‘Tigers of Indian Cyber’ (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials.
The breach was independently verified by Omair, a security consultant with Network Intelligence India (NII). Omair said that the hack was genuine, and was verified with the link posted by TIC as proof of concept. “The executed query enumerates expected information from the database tables,” said Omair.
Initial communication with NIIT Technologies revealed that the company was ignorant of the situation. After being informed by SearchSecurity.in of the particulars, the breach was detected by NIIT Technologies and the server was subsequently taken offline.
According to the source, the compromised server is an internal departmental server, primarily meant for internal employees and sales force to access training and marketing collateral. The GIS server is a stand-alone server hosted in NIIT’s Noida data centre. It’s not hosted with the rest of the NIIT Technologies network. This server has been online for the past eight years.