Source Platform Retracts Infringement Claim, User Data Is Secure, Marketing & Advertising News, ET BrandEquity
Online platform haveibeenpwned.com, a website that allows internet users to check whether their personal data has been compromised, has withdrawn its data breach complaint related to Paytm Mall.
The platform’s creator, Troy Hunt, tweeted that the data circulating has no connection to Paytm and that the breach appears to be “fabricated”.
“An update on this breach: After uploading it to @haveibeenpwned, @paytm’s infosec team lead contacted and we discussed the authenticity of the data, which they claimed was not from them. We now collectively believe it’s fabricated,” Troy posted.
“I sent them the data that was floating around, they looked at and came to a number of important conclusions, the first of which is the most significant: there’s a lot of data out there that they just never collect,” he said. he added in the Twitter thread.
Paytm Mall previously dismissed the allegation on Wednesday, saying its users’ data is “completely safe and the claims related to the data leak in 2020 are completely false and unsubstantiated.”
“A fake dump uploaded to the haveibeenpwned.com platform appears to falsely alert of a data breach on Firefox. We are in contact with Firefox and the platform to resolve the issue,” the company said.
Firefox Monitor, a popular Mozilla web browser security tracker, claimed that once the flaw was discovered and verified, “it was added to our database on July 26, 2022.”
The online platform’s recent allegations have been traced to an alleged data breach in August 2020 involving Paytm Mall, which was reported by US cyber research firm Cyble.
However, Paytm Mall had conducted a thorough internal investigation and external audit, which showed the allegation to be “absolutely false”. In fact, the hacker group held responsible for the breach also denied the claim.
A Paytm Mall spokesperson said: “The online platform that reported a data breach of our systems has reviewed it and responsibly withdrew its complaint. This validates our previous statement, in which we said the data breach was unrelated to us after conducting thorough investigations. We want to reassure our users that their data is absolutely secure and that protecting their information remains our top priority.”