New Delhi: Online platform haveibeenpwned.com, a website that allows internet users to check whether their personal data has been compromised, has retracted its data breach claim related to Paytm Mall.
The creator of the platform, Troy Hunt, tweeted saying that data circulating has no connection to Paytm and the breach seems “fabricated”.
“An update on this breach: after loading it into @haveibeenpwned, the head of @paytm’s infosec team reached out and we had a chat about the authenticity of the data, which they believe didn’t originate from them. We now collectively believe it’s fabricated,” Troy posted.
“I sent them the data that was circulating, they reviewed and drew a number of important conclusions, the first of which is the most significant: there’s a lot of data there they simply never collect,” he added in the Twitter thread.
Paytm Mall had earlier rejected the claim on Wednesday, saying thatA the data of its users is “completely safe and claims related to data leak in the year 2020 are completely false and unsubstantiated”.
“A fake dump uploaded on the platform haveibeenpwned.com appears to wrongly alert of a data breach on Firefox. We are in touch with Firefox and the platform to resolve the matter,” the company had said.
Firefox Monitor, a security tracker by popular web browser Mozilla, had claimed that once the breach was discovered and verified, “it was added to our database on July 26, 2022”.
The online platform’s recent claims were attributed to an alleged data leak in August 2020 involving Paytm Mall, which was flagged by US-based cyber-research firm Cyble.
However, Paytm Mall had conducted a thorough internal investigation and an external audit, which showed that the claim was “absolutely false”. In fact, the hacker group held responsible for the breach had also denied the claim.
A Paytm Mall spokesperson said: “The online platform that flagged a data breach of our systems reviewed it and have responsibly retracted its claim. This validates our earlier statement, where we stated that the data breach had no connection with us after conducting thorough investigations. We would like to reassure our users that their data is absolutely safe and protecting their information remains our top-most priority.”
–IANS
Comments are closed.