Paytm Mall Reportedly Hacked by Cybercrime Group, Company Says 'Data Is Safe and Secure'

Paytm Mall was established in 2017 as a B2C online marketplace. It is backed by Alibaba Group and SAIF Partners.

By Vineet Washington | Updated: 31 August 2020 11:14 IST

Paytm Mall Reportedly Hacked by Cybercrime Group, Company Says 'Data Is Safe and Secure'

Paytm Mall hack was reportedly possible due to an insider

Highlights

Paytm Mall has been reportedly hacked
Hacker group ‘John Wick’ has demanded 10 ETH
Paytm says all data is safe and secure

Paytm Mall, the e-commerce marketplace wing of Paytm, has been allegedly hacked, according to risk intelligence platform Cyble. A known cybercrime group that calls themselves ‘John Wick' was reportedly able to gain unrestricted access to Paytm Mall's entire database using a backdoor/ Adminer. Cyble also claims that the hack was made possible by a Paytm Mall insider. Additionally, the cybercriminals have asked for ransom in the form of cryptocurrency, 10 ETH (roughly Rs. 3.12 lakh), as per the report. Paytm, however, said it has not found any security lapses.

Cyble report states that an alleged ex-cartel member who uses the alias KelvinSec and is part of a known hacking group “John Wick“, tipped the risk intelligence platform about the hack. The cybercrime group was allegedly able to upload a backdoor/ Adminer on Paytm Mall and gain unrestricted access to its entire database. It is being said that the hackers gained access to the production database that potentially contains information on all Paytm Mall accounts and other related information. Cyble also cites its source, claiming that the perpetrator said it was an inside job.

The hacker group demanded a ransom of 10 ETH and the report claims they are receiving the ransom payment from the Paytm Mall. Further, the perpetrator has posted about the Paytm Mall hack in a Russian hacking forum as well, the report adds.

Paytm, however, said that all user and company data was safe and secure.

"We invest heavily in our data security, as you would expect," a Paytm spokesperson told Gadgets 360. "We have been investigating the claims of a possible hack and data breach, and haven't found any security lapses yet. We also have a Bug Bounty program, under which we reward responsible disclosure of any security risks.”

The spokesperson added: “We extensively work with the security research community and safely resolve security anomalies.”

Disclosure: Paytm's parent company One97 is an investor in Gadgets 360.

Which are the best truly wireless earphones under Rs. 10,000? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.