back to article Cheeky French hackers hijack Tata website

Top flight outsourcing firm Tata Consulting Services appeared to have lost control of its website to hackers today, with the domain apparently being touted for sale. The Washington Post reported that the site had fallen prey to a DNS hijack over the weekend. A report in Times of India this morning said that hackers had …

COMMENTS

This topic is closed for new posts.
  1. Steve X

    French?

    Not sure that's Frenc h French. Canadian hackers, perhaps? Have Tata pissed off the Parti Quebecois recently?

    1. Steve Evans

      The title is required, and must contain letters and/or digits.

      Not sure that's English English, American hackers perhaps?! :o)

  2. Anonymous Coward
    FAIL

    Wonderful

    I'm so glad the Bean Counter IT monkeys, sorry Directors, decided to outsource most of our development to such a fantastic opertation.

  3. Tim 48

    Considering that they provide call center services...

    Did they end up calling themselves for tech support?

    1. Anonymous Coward
      Thumb Up

      @tim48

      If they did, would some kind of telephonic space-time paradox occur and they plunge into an endless 1st-line support loop?

      One can but hope.

      R.

  4. JohnG

    Tata for now!

    Web'll be back soon.

    1. Anonymous Coward
      Coat

      @JohnG and, oh, and @UK.gov

      John,

      that joke was singularly bad. Keep it up. Obvious jokes are clearly flavour of the month - MPs being prosecuted for taking money they haven't earned, Jack Straw being the deciding factor in the Iraq invasion, the existence of AManFromMars and Matt B, etc. Oh, and my browser's spell checker deciding that the correctly-spelled flavour is a spelling mistake. Why doesn't someone teach these people English :)

      Au revoir.

      Oh, and TataFN.

  5. Combat Wombat
    Troll

    Still borked

    10am Vancouver.. and it's still borked for me.

    Nice to see they have a top notch team handling it.

  6. The Mighty Buzzard
    Thumb Down

    Tech Writing Fail

    So The Reg no longer bothers to know about simple things like DNS propagation taking time because of caching?

  7. Sitaram Chamarty
    Stop

    tcs.com was NOT hacked....

    please guys, I expected better from you lot...

    [Disclaimer: I'm an employee of TCS, though naturally I'm posting this in my personal capacity]

    tcs.com was NOT hacked yesterday. What did happen was that the DNS records that supply the IP were reset to some other IP.

    Whether that was done by actually hacking netsol or by social engineering a valid change request I do not know.

    I know the site was fine because going through the internal DNS got me the correct IP address and the correct content.

    I believe the problem started sometime before 1am IST [this is a wild guess, from other symptoms; don't ask, heh heh!], and was resolved around noon or so [this guess is more accurate because I was semi-actively monitoring it].

    In both instances, it would have taken a few hours for the bad data to expire from DNS caches. Depending on who your DNS provider is, you may have seen it "come back" at different times. If you were running your own DNS, you could have purged your DNS cache manually and would know more accurately when it came back.

    At this point in time I am still receiving reports of other DNS servers still showing the bad data. Just tell them to purge their DNS caches if you know them, or switch to openDNS. They've got the right stuff, and have had it a lot longer than the chocolate factory's DNS :)

  8. Sitaram Chamarty
    FAIL

    "fix had not taken"

    just run "dig +trace www.tcs.com"

    If you're piggy-backing on someone else's DNS, like your ISP or openDNS or the chocolate factory, and you get a different answer than 216.15.200.140, you know what to do.

    But actually, if you aren't running your own DNS, and didn't flush your caches as soon as you heard this, you shouldn't even be commenting on the issue.

    "still see the bad page" ==> **reporting** on the issue

    "fix had not taken" ==> **commenting** on the issue

    [Same disclaimer applies as in previous comment]

  9. Jeremy 2

    <title/>

    "However, as of half three today, from where we were sitting the site was still showing the "for sale" notice, in both French and English, suggesting Tata's fix had not taken."

    Or suggests that you're using a DNS server that has a cached copy of the compromised records which haven't expired yet.

  10. Disco-Legend-Zeke

    I Am Thinking...

    ...that this is a TTL issue.

  11. pctechxp

    it's the DNS stupid

    the correction is probably still propagating.

  12. Eduard Coli
    Troll

    Brain drain

    Tata should outsource its site to some competent firm?

  13. Anonymous Coward
    Thumb Up

    Also for sale...

    The Brooklyn Bridge.

    Offers taken.

  14. Steven Knox
    Paris Hilton

    Tsk, Tsk

    If they HAD to go through the trouble of stealing the DNS, they could have at least had more fun with the name "Tata Consulting."

    Today's "hackers" have no style.

    <--- Tata Consultant Extraordinaire

  15. This post has been deleted by its author

    1. Kevin Gurney
      Thumb Up

      It can't have been Richmond.....

      ......as he's got Scurvy :-)

  16. Anonymous Coward
    Linux

    abed_uk

    http://www.xav.com/scripts/axs/whois.pl?a=lh.org

    Listed as contact in that whois too...

  17. Isendel Steel

    TaTa(s)

    and not one boob joke .......

This topic is closed for new posts.