The e-commerce arm of payment giant Paytm has suffered a data breach according to US-based cyber research firm Cyble, after a hacker group targeted the company’s Paytm Mall database. The attackers are demanding a ransom in cryptocurrency in exchange for the data, the firm said.
Paytm Mall however denied the breach in a statement to ET.
Hacker group John Wick is behind the breach, according to Cyble. According to experts, the group hacks databases of companies under the guise of offering help to fix bugs in their systems. “This (breach) was tipped off to us from an “alleged” ex-cartel member of a credible hacking group “John Wick“, the company said in a blog post.
The group was able to gain access to Paytm Mall’s database through a backdoor, it said. However the volume of the data breach was not specified.
The perpetrator of the breach has demanded 10 ETH (Ethereum) in cryptocurrency, according to Cyble. This is approximately equivalent to $4,000 according to data based on crypto currency exchange, Coinbase. ET could not independently verify the data breach.
Paytm denied this and said that user data is secure.
A Paytm Mall spokesperson said, “We would like to assure that all users, as well as company data, is completely safe and secure. We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false. We invest heavily in our data security, as you would expect. We also have a Bug Bounty program, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies.
Leave a Reply