Paytm Mall data breach: Intelligence firm claims cyber-attack; Paytm denies

Cyble, online cyber risk intelligence firm, has claimed that hackers targeted Vjay Shekhar Sharma-led Paytm Mall recently. The intelligence firm added that a cyber group demanded ransom after gaining unrestricted access to the entire databases of Paytm Mall.

However, the online shopping platform has shrugged off all these claims, news agency IANS reported. A Paytm Mall spokesperson told it that claims are "absolutely false...we would like to add that all users, as well as company data, are completely safe and secure".

Cyble also said that a cybercrime group with the alias "John Wick" was able to upload a backdoor/adminer on Paytm Mall app/website. The group "John Wick" has other aliases such as "South Korea" or "HCKINDIA".

The Paytm Mall spokesperson said the company investigated the claims of possible cyber attack and data breach but found nothing.

On the contrary, Cyble's sources forwarded them a message where the perpetrators claimed they were receiving the ransom payment from Paytm Mall. Cyble added that it could not confirm if the ransom was actually paid. Cyble added the data breach might have affected all accounts and related information at Paytm Mall.

The perpetrator claimed that the hack happened due to an insider at Paytm mall, though these claims are unverified.

According to Cyble, hackers usually leak data when their demand is not met. "We invest heavily in our data security, as you would expect. We also have a Bug Bounty programme, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies," the Paytm Mall spokesperson said.

Last year also, the Paytm group had faced a "fraud" allegedly caused by its employees.

Also read: Rebooting Economy XXIII: What stops India from taking care of its crisis-hit workers?

Also read: India Q1 GDP data preview: Economy to shrink 16-25%