Privacy Tracker Retracts Paytm Mall Leak Claim, Believes Leak Was ‘Fabricated’

HIBP's Troy Hunt revealed that he believed the data was fabricated, after a conversation with the head of Paytm's information security team.

Privacy Tracker Retracts Paytm Mall Leak Claim, Believes Leak Was ‘Fabricated’

Back in 2020, risk intelligence platform Cyble claimed that Paytm Mall was affected by a data breach

Highlights
  • HIBP has retracted its claim that Paytm Mall was hacked in 2020
  • It previously updated its website with data claimed to be from the breach
  • HIBP's creator now says that the data appears to be 'fabricated'

Privacy tracker Have I Been Pwned (HIBP) has retracted its claim that Paytm Mall was hacked in 2020, stating that it now believes the leak was ‘fabricated'. Earlier this week, the website that allows Internet users to check whether their personal data has been compromised by data breaches, had added what it claimed was personal data of 3.4 million users, allegedly sourced from the two-year-old data breach. On Friday, HIBP's Troy Hunt revealed that he believed the data was fabricated, after a conversation with the head of Paytm's information security team about the authenticity of the data.   

“The online platform that flagged a data breach of our systems reviewed it and has responsibly retracted its claim. This validates our earlier statement, where we stated that the data breach had no connection with us after conducting thorough investigations. We would like to reassure our users that their data is absolutely safe and protecting their information remains our topmost priority,” a Paytm spokesperson told Gadgets 360. 

On Wednesday, HIBP creator Troy Hunt tweeted an old report on the alleged breach, stating that he had received confirmation of users' emails and phone numbers from the Paytm Mall data breach. At the time, a staff member at Gadgets 360 was also notified by the Firefox Monitor service of their email or phone number having been part of the so-called breach.

According to HIBP, the data, which has now been termed fabricated, included “unique email addresses along with names, phone numbers, genders, dates of birth, income levels, and previous purchases” from 3.4 million users compromised in the breach that was reported in 2020. 

Back in 2020, risk intelligence platform Cyble had claimed that cybercriminals had asked for ransom in the form of cryptocurrency, after Paytm Mall was hacked by a known cybercrime group called ‘John Wick' which allegedly gained unrestricted access to Paytm Mall's entire database using a backdoor/ Adminer. At the time, Paytm had stated that it had not found any security lapses and that all user and company data was safe and secure.


How is Alexa faring in India? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Paytm Mall, Paytm, Have I Been Pwned, HIBP
David Delima
As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More
Apex Legends Season 14 Launch Trailer Reveals New Hero Vantage
Samsung Galaxy Z Fold 4, Galaxy Z Flip 4 Renders Offer Look at Complete Design, Colour Options
Share on Facebook Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.