I’ve covered data security concerns involving digital payment services Paytm in the past, but I didn’t pick up a recent claim by Cyble because their post relied on a tip from “KelvinSec” about “John Wick.” And although Cyble provided a couple of redacted screenshots to support a claim that there had been some incident, Cyble had obtained no response at all from Paytm Mall to either confirm or deny the alleged breach, the alleged ransom demand, or some vaguer accusation of some unspecified kind of insider involvement.
The story became more newsworthy a week later when the alleged hacker(s), “John Wick,” seemed to be hacking entities to provide a platform for them to loudly proclaim that they had NOT hacked Paytm. It was just… a tad bizarre.
Now Tarush Bahalla reports that Paytm has put Cyble on notice that if they don’t retract and apologize for their claims that Paytm was hacked and that there was a ransom demand, Cyble will be sued:
E-commerce platform Paytm Mall has sent a legal notice to cyber-risk intelligence firm Cyble Inc. on Monday, for its blogpost which alleged that the ecommerce platform had suffered a massive data breach.
On 30 August, Cyble said in a company blogspot that Paytm Mall was hacked by a cybercrime group under the alias ‘John Wick’, which led the hacker to get unrestricted access to the entire database of the company.
According to Bhalla, Paytm’s legal notice included:
“…. please note that your aforesaid unprofessional and callous act in circulating an unverified and false piece of information in the public has already done damage to the company, as our customers are completely disrupted and terrified by this information,” added Paytm Mall, in its legal notice.
Read more on livemint.com.
DataBreaches.net sent an inquiry to Cyble to ask for their response to Paytm’s legal notice. They responded with the following statement:
Cyble, as an organisation, is committed to protect the Indian technological ecosystem, which are experiencing severe cyber-attacks by various cybercrime groups.
Cyble is in receipt of notice from Paytm Mall in relation to a blog concerning a security breach. In this regard, Cyble states that the said notice is under review and a suitable reply shall be given to Paytm Mall placing on record all the relevant facts and its stand.
So it seems like we have not heard the end of this story or claims yet.