Indian online retailer Paytm Mall, that according to Indian Congress leader Rahul Gandhi is a platform crafted as “Pay to Modi”(A financial platform developed to pay to Indian Prime Minister Shri Narender Modi) is in news for all wrong reasons.
A Cybersecurity firm named Cyble says that the Vijay Shekar Sharma led company suffered a data breach recently, and the hackers received a payment for not leaking the accessed information such as passwords.
The security firm added in its media update that Paytm Mall, a financial arm of Paytm company, paid a handsome sum to cyber crooks for not locking down the database with ransomware.
However, Paytm Mall has denied the news and said that the speculations made by a certain section of media were false and assured that all data related to users, company and transactions was 100% secure on the servers with them.
A Paytm spokesperson confirmed the news and added that they have gained a security audit report from their staff saying that all data and the servers were safe and well isolated from any kind of hacking activity.
But Greater Atlanta based Cyber Security firm Cyble led by Beenu Arora claims that their organization has evidence claiming the data breach in which all accounts and related information of Paytm Mall were accessed by hackers.
Unconfirmed sources say that the hack might have happened because of an insider working for Paytm Mall.
Note 1- Normally, Hackers leak data of a company when they do not get a ransom after encrypting a database. So, a source from Cyble claims that the hackers might have gained accessed to Paytm Mall login data at sometime early this month( i.e. Aug 2020) and since the Indian e-commerce firm failed to pay them a ransom for reasons, they leaked the data online for prospective buyers and forwarded the same to a security for authenticity.
Note 2- Paytm Mall App is a 2017 launched B2C online retail platform of Paytm that connects over 140,000 sellers to customers.
The post India Paytm Mall suffers data breach leaking passwords appeared first on Cybersecurity Insiders.
August 31, 2020 at 10:46AM
0 comments:
Post a Comment