wordpress blog stats
Connect with us

Hi, what are you looking for?

Paytm sends legal notice to infosec firm that alleged data breach in Paytm Mall database

Paytm Mall, data breach
Credit: Aditi Agrawal

Paytm sent a cease and desist notice to Atlanta-based cybersecurity firm Cyble on September 4 for publishing a false, “defamatory” and “slander[ous]” report about a breach of Paytm’s database. Paytm completely denied all the claims that Cyble made in its report since “there have been so security lapses or gaps found in its [Paytm’s] eco-system [sic]”. It further claimed that this piece of “disinformation” has “completely disrupted and terrified” its customers. MediaNama has seen a copy of the notice. Livemint first reported the development.

In the cease and desist notice, Paytm has asked Cyble to remove the report, publish an apology and notice that the previous report was false, not publish any “defamatory” posts about Paytm, and give Paytm a written undertaking that Cyble will not “indulge” in such activities in future. Cyble has been given seven days to comply with the notice, failing which Paytm will initiate civil and criminal proceedings against the infosec company to claim damages for loss of reputation, goodwill and business. We have reached out to Cyble for confirmation.

The notice calls the Cyble report “completely baseless, false and disparaging”. It alleges that Cyble published this report “in haste” and “without even checking and verifying the authenticity of the information”.

Cyble had claimed that a known cybercrime group, called “John Wick”, used a backdoor in the Paytm Mall website and application to gain unrestricted access to the company’s entire databases, potentially compromising all Paytm Mall accounts. Cyble also claimed that the group had demanded 10 ETH (ether), a type of cryptocurrency equivalent to US$4,000, as ransom for the data.

In response to MediaNama’s queries, Beenu Arora, Cyble’s founder and CEO, had at that time said that they had reached out to Paytm via their social media channels since the two did not have a pre-existing relationship. We had asked Arora for the data of contact but had not received a response. A Paytm spokesperson at that time had said that Cyble had not got in touch with the company informing it about the alleged breach. They had also said, “This news is absolutely false, their has been no conversation and no ransom asked [sic].”

Advertisement. Scroll to continue reading.

Read more: Paytm Mall denies any data breach, claims cybersec firm never contacted them

You May Also Like


Bringing you quick updates on the tech space, policy-making and digital rights from India and across the globe. Google will move to hybrid workweek...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ