Moneycontrol PRO
Open App
you are here: HomeNewsTechnology

Paytm Mall suffers massive data breach as hackers gain 'unrestricted access' into database: Report

The breach potentially affects all accounts and related information at Paytm Mall.

August 31, 2020 / 12:13 PM IST

E-commerce payment system and financial technology company Paytm has reportedly suffered a massive data breach after a hacker group targeted the company’s PayTM Mall database. The attackers are demanding a ransom in exchange for the data.

Hacker group John Wick is said to be responsible for the Paytm Mall database breach. The malicious group has been known for hacking the database of companies under the guise of helping them fix bugs in the system.

Global cyber intelligence agency Cyble stated that the John Wick hacker group gained unrestricted access to Paytm Mall’s entire production database through a backdoor, which potentially affects all accounts and related information at Paytm Mall.

Moneycontrol could not independently verify the report.

The volume of data breached is currently unknown. Cyble claims that attackers have demanded 10 ETH, equivalent to USD 4,000.


“According to the messages forwarded to us by our source, the perpetrator claimed the hack happened due to an insider at Paytm Mall. The claims, however, are unverified, but possible. Our sources also forwarded us the messages where the perpetrator also claimed they are receiving the ransom payment from the Paytm mall as well. Leaking data when failing to meet hackers demands is a known technique deployed by various cybercrime groups, including ransomware operators. At this stage, we are unaware that the ransom was paid,” Cyble stated in an official update.

Paytm Mall spokesperson told Moneycontrol, "We would like to assure that all user, as well as company data, is completely safe and secure. We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false. We invest heavily in our data security, as you would expect. We also have a Bug Bounty program, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies."

Also read: Cybersecurity attack: Your questions about what it is, its various types & how to be safe answered
Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

Moneycontrol News
first published: Aug 30, 2020 12:43 pm
ISO 27001 - BSI Assurance Mark