Brands
Discover
Events
Newsletter
More

Follow Us

twitterfacebookinstagramyoutube
Youtstory

Brands

Resources

Stories

General

In-Depth

Announcement

Reports

News

Funding

Startup Sectors

Women in tech

Sportstech

Agritech

E-Commerce

Education

Lifestyle

Entertainment

Art & Culture

Travel & Leisure

Curtain Raiser

Wine and Food

YSTV

ADVERTISEMENT
Advertise with us

Paytm Mall says no security lapses found after investigating alleged breach

The clarification came after US-based cyber research firm Cyble had said a hacker group with the alias 'John Wick' was able to gain unrestricted access to Paytm Mall's databases.

Paytm Mall says no security lapses found after investigating alleged breach

Monday August 31, 2020 , 2 min Read

The ecommerce unit of payment solutions provider Paytm, Paytm Mall, on Sunday said it has not found any security lapses yet after investigating claims of a possible hack and data breach.


The clarification came after US-based cyber research firm Cyble had said a hacker group with the alias 'John Wick' was able to gain unrestricted access to Paytm Mall's databases.


"We would like to assure that all user, as well as company data, is completely safe and secure... We have been investigating the claims of a possible hack and data breach, and haven't found any security lapses yet," a Paytm Mall spokesperson said in a statement.
Paytm Mall

Image Source: Shutterstock




The spokesperson added that the company invests heavily in data security, and also has a Bug Bounty programme under which it rewards responsible disclosure of any security risks.


"We extensively work with the security research community and safely resolve security anomalies," the spokesperson said.


Cyble, in a blog, had said: "...it appears the actor gained access to their production database and potentially affects all accounts and related information at Paytm Mall".


Cyble said based on information available to it, the hack happened "due to an insider at Paytm Mall" and noted that the claims, however, are unverified.


"Our sources also forwarded us the messages where the perpetrator also claimed they are receiving the ransom payment from the Paytm Mall as well. Leaking data when failing to meet hackers demands is a known technique deployed by various cybercrime groups, including ransomware operators. At this stage, we are unaware that the ransom was paid," Cyble said.


The perpetrator had reportedly demanded 10 ETH (Ethereum) equivalent to $4,000.


Cyble said it has reached out to Paytm Mall for any comments and is awaiting to hear back.


(Disclaimer: Additional background information has been added to this PTI copy for context)


Edited by Kanishk Singh