Online intelligence firm Cyble on Sunday said that a cybercrime group demanded ransom after gaining unrestricted access to the entire databases of Paytm Mall, although the e-commerce platform denied the claims. The cybercrime group, which uses the alias "John Wick", was able to upload a backdoor/Adminer to the Paytm Mall application/website, said Cyble.
A Paytm Mall spokesperson, however, told IANS that the claims are "absolutely false". "We would like to assure that all users, as well as company data, are completely safe and secure," the spokesperson said in a statement.
"We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false," the statement added. Cyble said that the breach appears to have affected all accounts and related information at Paytm Mall.
"Our sources also forwarded us the messages where the perpetrator also claimed they are receiving the ransom payment from the Paytm Mall as well," Cyble said, adding that it could not confirm if the ransom was actually paid.
Leaking data when a victim fails to meet hackers' demands is a known technique deployed by various cybercrime groups, including ransomware operators, the online intelligence firm said.
The perpetrator claimed the hack happened due to an insider at Paytm Mall. The claims, however, are unverified. In 2019, the Paytm group faced a fraud allegedly caused by its employees. The group "John Wick" has other aliases such as "South Korea" and "HCKINDIA".
"We invest heavily in our data security, as you would expect. We also have a Bug Bounty programme, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies," the Paytm Mall spokesperson said.