Atlanta-based cyber security firm Cyble has claimed that a known hacker gained unrestricted access to Paytm Mall’s database by uploading a backdoor on the Indian e-commerce firm’s website.
According to the report, hacker group called ‘John Wick’ was able to gain unrestricted access to the entire database of Paytm Mall and has demanded ransom in exchange of the information.
All data safe, says Paytm
However, a Paytm Mall spokesperson said there was no data breach or hack.
“We would like to assure that all user, as well as company data, is completely safe and secure. We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false. We invest heavily in our data security, as you would expect. We also have a Bug Bounty program, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies,” the spokesperson said.
According to the Cyble report, the hacker group has demanded 10 Ethereum, a cryptocurrency that is equivalent to $4,000, from Paytm Mall as ransom.
Set up in 2017, Paytm Mall is the e-commerce arm of financial services firm Paytm.