Paytm Mall which is the e-commerce marketplace wing of Paytm was alleged to be hacked. The cybercrime group called John Wick was reportedly able to gain unrestricted access to Paytm Mall’s entire database using a backdoor.
According to risk intelligence platform Cyble, the hack was made possible by a Paytm Mall insider. The threat actors also demanded a ransom in the form of cryptocurrency, 10 ETH (around Rs. 3.12 lakh), as per the report.
However, Paytm stated that it has not found any security lapses and that all user and company data was safe and secure.
Cyble reported that an alleged ex-cartel member and a member of the hacking group John Wick, who uses the alias KelvinSec tipped the risk intelligence platform about the hack. The group managed to get unrestricted access to its entire database. The hackers gained access to the production database that contains information on all Paytm Mall accounts and other related information.
According to the report, the hackers are receiving the ransom payment from the Paytm Mall. Further, the perpetrator has posted about the Paytm Mall hack in a Russian hacking forum.
A Paytm spokesperson said that they have invested heavily in their data security and that they are investigating the claims of a possible hack and data breach, and haven’t found any security lapses yet. He also added that they have a Bug Bounty program, under which they would reward responsible disclosure of any security risks.