Technical / Paytm Mall sends legal notice to Cyble over data breach claims

Inc42 : Sep 08, 2020, 01:19 PM
Technology: A week after US-based cyber-risk intelligence platform Cyble Inc claimed that ecommerce platform Paytm Mall allegedly suffered a massive data breach, the ecommerce arm of One97 Communications has sent a legal notice to Cyble.  

On 30 August, Cyble said in a company blogspot that Paytm Mall was hacked by a cybercrime group under the alias ‘John Wick’, which led the hacker to get unrestricted access to the entire database of the company.

Paytm Mall has given Cyble a week to comply with its requests. In case of non-compliance, the ecommerce firm said that it will move to court and initiate civil and criminal proceedings against the cybersecurity company.

“The most astonishing fact is that since your organisation is in the business of providing services around this area i.e. cyber threats, risks, and cyber security, thus we expected more sensible, professional and ethical standards from your side,” said Paytm Mall to Cyble, as a part of its legal notice.

‘John Wick’ was able to upload a backdoor or Adminer on Paytm Mall application website and was able to gain unrestricted access to their entire databases […] According to the messages forwarded to us by the source, the perpetrator claimed the hack happened due to an insider at Paytm Mall. The claims, however, are unverified, but possible,” claimed a Cyble blogpost. 

In addition to this Cyble had also mentioned on its blog, citing sources, that the ‘grey hat’ hacker had demanded a ransom of 10 Ethereum (ETH), equivalent to $4,000 from Paytm Mall.

Paytm in its legal notice has asked Cyble to immediately stop making any further false claims on the matter, and issue a public communication stating that the contents of its August 30 blog post are incorrect, reported Mint.

According to Cyble, ‘John Wick’ had broken into multiple Indian companies and collected ransom from various Indian organisations including OTT platform Zee5, fintech startups, Stashfin, Sumo Payroll, Stashfin, i2ifunding, through other aliases such as ‘South Korea’ and ‘HCKINDIA’.

‘John Wick’ recently hacked the Twitter account of Narendra Modi’s personal website, last week, and through a tweet, clarified that it had not hacked ‘Paytm Mall’.

In July, hyperlocal task management startup Dunzo also suffered a data breach that leaked phone numbers and email addresses of its users. The data breach took place through servers “of a third party” Dunzo works with were compromised, the firm’s chief technology officer (CTO) Mukund Jha had said in a blogpost.

Prior to this, Cyble has highlighted data breaches of companies like Truecaller, Unacademy,, Bharat Earth Movers Limited (BEML) and IndiaBulls. While Unacademy and BEML have accepted the data breach. has alleged that the data found dates back to the year 2006 – 2012, and there is no proof that the data has been collected from even though the file does.

There have been several Indian platforms in the past which have faced data breaches. Earlier in May, it was reported that data of 4.75 crore Truecaller Indian users was found to be up for sale on the dark web. The development which was denied by the Swedish mobile application platform Truecaller India, was a result from its data leak.