If the claim by a US cyber intelligence group is true, a huge chunk of data from an Indian e-commerce website has been compromised by international hackers. According to US-based cyber-risk intelligence platform Cyble Inc, there has been a massive data breach at Paytm, which was targeted by an international hacking group known as ‘John Wick’. The hackers are demanding a ransom in exchange for the data.
In a blog post, Cyble wrote that a known cybercrime group with the alias ‘John Wick’ was able to upload a backdoor to the Paytm Mall application/website and gain unrestricted access to its entire databases. It seems the hackers gained access to the production database, which potentially affects all accounts and related information at Paytm Mall; however, there is no confirmation yet. Paytm has denied any breach in its statement.
The hacker group John Wick is said to be responsible for the Paytm Mall database breach. The group is known for hacking the databases of companies under the guise of helping them fix bugs in their systems. John Wick is the same notorious group that broke into multiple Indian companies and collected ransoms from various organizations. The actor has other aliases, such as “South Korea” and “HCKINDIA”.
The volume of data under the hackers' control is still not known. Cyble Inc claims that the attackers have demanded 10 ETH, equivalent to USD 4,000.
“According to the messages forwarded to us by our source, the perpetrator claimed the hack happened due to an insider at Paytm Mall. The claims, however, are unverified, but possible. Our sources also forwarded us the messages where the perpetrator also claimed they are receiving the ransom payment from the Paytm Mall as well. Leaking data when failing to meet hackers' demands is a known technique deployed by various cybercrime groups, including ransomware operators. At this stage, we are unaware that the ransom was paid,” Cyble stated in an official update.
A Paytm Mall spokesperson, however, told a news agency that the claims are “absolutely false”.
“We would like to assure that all users, as well as company data, are completely safe and secure,” the spokesperson said in a statement.
“We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false,” the statement added.
Leaking data when failing to meet hackers' demands is a known technique deployed by various cybercrime groups, including ransomware operators, the online intelligence firm said.
The perpetrator claimed the hack happened due to an insider at Paytm Mall. In 2019, the Paytm group faced a fraud allegedly caused by its employees.