Sunday, Dec 04, 2022

‘Massive data breach’ reported at Paytm Mall; claims absolutely false, says company

The clarification came after US-based cyber research firm Cyble had said a hacker group with the alias 'John Wick' was able to gain unrestricted access to Paytm Mall's databases.

Cyble said it has reached out to Paytm Mall for any comments and is awaiting to hear back.

Alibaba Group-funded Paytm Mall has allegedly suffered a “massive data breach”, global cybersecurity firm Cyble reported, with a known cybercrime group ‘John Wick’ gaining unrestricted access to the e-commerce firm’s entire databases. The report also alleges that the hack “happened due to an insider at Paytm Mall”. The company, however, denied any such hack or data breach.

“We would like to assure that all user, as well as company data, is completely safe and secure. We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false. We invest heavily in our data security, as you would expect. We also have a Bug Bounty program, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies,” a Paytm Mall spokesperson told The Indian Express.

Even as the volume of compromised data is unknown, Cyble claimed that attackers have demanded 10 ETH, or cryptocurrency ethereum, equivalent to $4,000.

“Our sources also forwarded us the messages where the perpetrator also claimed they are receiving the ransom payment from the Paytm Mall as well. Leaking data when failing to meet hackers demands is a known technique deployed by various cybercrime groups, including ransomware operators. At this stage, we are unaware that the ransom was paid,” Cyble said in its report.

Subscriber Only Stories
This Gujarat election may be most significant for the inroads made by AAPPremium
Venba: A video game about a South Indian immigrant’s story one recipe at ...Premium
Baramati not for taking: Supriya Sule seeks to make her point via Mumbai ...Premium
The Neu Air India Flight PathPremium

“The actor (John Wick) seems to have a keen interest in the Indian companies, and this is likely due to the high degree of his success rate in receiving ransom payments. Based on their attack patterns, one thing which stands out is that the group targets tech-based companies the most — and demand ransom by sending them emails on their support channels etc,” Cyble added.

First published on: 30-08-2020 at 09:51:47 pm
Next Story

Benoit Paire out of US Open after positive COVID-19 test

Latest Comment
Post Comment
Read Comments