The online platform haveibeenpwned.com
“An update on this breach: after loading it into @haveibeenpwned, the head of @paytm‘s infosec team reached out and we had a chat about the authenticity of the data, which they believe didn’t originate from them. We now collectively believe it’s fabricated,” Troy Hunt said.
“I sent them the data that was circulating, and they reviewed and drew a number of important conclusions, the first of which is the most significant: there’s a lot of data there they simply never collect,” he added in the Twitter thread.
https://twitter.com/troyhunt/
https://twitter.com/
Paytm Mall had earlier rejected the claim on Wednesday and issued a statement: “The data of our users is completely safe and claims related to a data leak in the year 2020 are completely false and unsubstantiated. A fake dump uploaded on the platform haveibeenpwned.com
The online platform’s recent claims were attributed to an alleged data leak in August 2020 involving Paytm Mall, which was flagged by US-based cyber-research firm Cyble. However, Paytm Mall had conducted a thorough internal investigation and an external audit, which showed that the claim was “absolutely false”. In fact, the hacker group held responsible for the breach had also denied the claim.
A Paytm Mall spokesperson said, “The online platform that flagged a data breach of our systems reviewed it and have responsibly retracted its claim. This validates our earlier statement, where we stated that the data breach had no connection with us after conducting thorough investigations. We would like to reassure our users that their data is absolutely safe and protecting their information remains our topmost priority.”
