I haven’t read the twitter thread or anything beyond what’s in the BB post, but this doesn’t really sound like the site was hacked. Seems the person just probed for additional info by popping the hood of the website (so to speak). The site was misconfigured in that some info wasn’t encrypted, which was exactly what our hero needed to get to the objective. Good job, Nandan Kumar!
31 Likes
