- A US-based cybersecurity firm said that Paytm Mall has suffered a “massive data breach” after it was hacked, a claim Paytm has denied.
- The hacker group has reportedly asked the company for a ransom in exchange for the data. The perpetrator has demanded 10 ETH (Ethereum), equivalent to $4,000.
- The group’s previous targets include Zee5, SquareYards, Stashfin, Sumo Payroll, and Square Capital, among many others.
- While Paytm Mall has denied any breach, it’s bizarre that Cyble's report also alleged that the hack happened due to an insider at Paytm Mall.
US-based cybersecurity firm Cyble said on Sunday that the Paytm group has suffered a massive data breach after a hacker group targeted the company’s Paytm Mall database, which Paytm has denied.
It’s even more shocking that Cyble’s report points to the possible role of a company insider in what it says is a hack.
According to the report, a known cybercrime group with the alias ‘John Wick’ is responsible for the database breach. The group is known for hacking companies' databases under the guise of helping them fix bugs in their systems. The group also goes by other aliases such as "South Korea" or "HCKINDIA".
The hacker group has reportedly asked for a ransom of 10 ETH (Ethereum), equivalent to $4,000, in exchange for the data from the company.
The hacker group gained unrestricted access to Paytm Mall’s entire production database through a backdoor/adminer on the Paytm Mall application, which potentially affects all accounts and related information, the report adds.
"Our sources also forwarded us the messages where the perpetrator also claimed they are receiving the ransom payment from the Paytm mall as well. Leaking data when failing to meet hackers' demands is a known technique deployed by various cybercrime groups, including ransomware operators. At this stage, we cannot confirm if the ransom was actually paid,” Cyble stated in an official update.
Moreover, it is worth noting that John Wick is the same group that has broken into multiple Indian companies in the past and collected ransom too. These include Zee5, SquareYards, Stashfin, Sumo Payroll, and Square Capital, among many others.
Earlier this year, ed-tech startup Unacademy’s database also suffered a breach, with contacts of 22 million users being put up for sale on May 3 for $2000. Truecaller, Zomato, and Uber have also fallen prey to massive data breaches of their user accounts.
"We would like to assure that all user, as well as company data, is completely safe and secure. Our team has noted and investigated the claims of a possible hack and data breach, and these are absolutely false. We invest heavily in our data security, as you would expect. Our company also has a Bug Bounty program, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies," a Paytm Mall spokesperson said.
Last year, too, the Paytm group faced a "fraud" allegedly caused by its employees.