On the deface page, the hacker left a message for the site admin stating that he had reported multiple vulnerabilities to the site admin but they had not responded. The hacker did not deface the index page of the site; instead, he uploaded his deface page to a directory of the site (http://smu.edu.in/resources/icp.htm).
When we contacted the hacker, he told us that he had reported the vulnerability to the admin, but they had not given him any response. He defaced the site only to show the security issue. He noted that:
"I didn't cause any damage to the site or server, just taking the site admin's attention to its reports. This was just a security alert to the site admin."
The hacker told us that he also reported the security issue today, with the deface page link as a PoC. In the meantime, the site admin has patched the site and restored the defaced page. We hope they have now realised that a small report can damage their system.
Additionally, the hacker told us that he had access to the server database and also has all the students' data, exam result details and other important data. You can check the screenshot below, which the hacker provided to us by mail.
[Screenshot: Sikkim Manipal University Database]
I have seen many times that hackers have reported a security issue to an organisation, but it has not taken up the issue or has not responded to them. Sometimes a site admin has patched the loopholes but has not responded to the security reports.
This is a big issue: if hackers report a security issue in an organisation's system, then the organisation's representative must respond to the reports, even if it does not have a bounty program. Responding to the reports may help them fix the security loopholes in their system.