TCS Website (tcs.com) Hacked and Put for Sale!

The official website of Tata Consultancy Services, TCS.com, India’s largest software provider, has been hacked today. The homepage says:

This domaine name is for sale. Please contact us for further informations.
[email protected]

Ce nom de domaine est a vendre
Merci de nous contacter pour obtenir de plus amples informations.
[email protected]

[advt]

The screenshot of the website, accessed from India, at 2:30PM today, is shown above. It is rumored that, the hackers have made changes to the DNS settings of the website. They have put up a whos.among.us widget displaying current traffic on the homepage!

TCS is maintaining many of the government websites and this case points out the immaturity of TCS. Let us hope that, this will be an eye opener for major Indian software firms.

12 Comments

  1. Hi! I think most of the hacking being done is not the actual hacking but infact Social Engineering or Phishing. People fall prey and end up loosing their username/passwords. This can not be termed as hacking. The only way is to educate people to be able to guard themselves against Social Engineering but when people are still using IE6, its a bit difficult to get this going.

  2. @timtom, pillai, etc:

    the first comment on http://sitaramc.blogspot.com/2010/02/tcscom-was-not-hacked.html has enough details for your to check things out for yourself, (and to fire your DNS provider if you’re still seeing old data.)

    pillai: your statement would be fine if a non-IT person said it, but if you’re in the IT industry, and you don’t know how DNS works, how changes propagate, why caching happens, and — more importantly — when caching backfires, that is really your problem.

    Perhaps you know all this, and you have designed a better DNS protocol. Perhaps you know that DNSSEC will solve these issues, and have figured out a way around DNSSEC’s deployment problems? Let’s hear it… 😉

    • @Sitaram: In your post you said, “Whether that was done by actually hacking tracom/netsol or by social engineering a valid change request I do not know.”

      Answer to that question can tell us what happened. It is yet to figure out how did happened for the first time? TCS can tell us what happened. And then we can see why it is taking too much time for refreshing the cache.

      Note: TCS.COM is now working fine through our name servers too.

      BTW, I have not meant this post to defame TCS, but just to tell people some like this happened. Cool.

  3. Idoit guys.. what Sree Pillai said is correct. TCS site got hacked and they haven’t resolved yet… i still see this sale board on the site……

  4. [Disclaimer: I’m an employee of TCS, but I gave my personal email because I am saying this in my personal capacity].

    I’m sorry to burst your bubble but TCS did not get hacked. Anyone who could query the internal DNS servers (which gave the correct IP address) would see the normal site.

    What *did* happen was that the DNS records were updated. Whether that was done by hacking tracom/NetSol or by social engineering a valid change request I do not know.

    In brief, whatever happened was outside TCS control.

  5. please do not distract by posting this type of fake news.
    It is less possible to hack TCS’s website so Please recheck you showing domain this is not TCS’s domain.
    Original domain is
    http://www.tcs.com/
    so kindly provided real news not fake
    ok
    please delete this news and say sorry for this otherwise i send this to TCS and they case on you for providing fake news about TCS
    Understand.
    hope you do this before morning…

  6. I do not think the TCS website was hacked. This looks like a DNS problem.

    When the site was not accessible, I did a nslookup and saw that it was pointing to a different IP from the one published by Whois for TCS.com.
    -Saul

  7. Its not the tcs.com that ishacked rather DNS server that you are using,
    like google dns ..change the dns server to
    that of opendns .
    208.67.222.222 or 208.67.222.220
    and it will open fine

Leave a Reply

Your email address will not be published.


*