- An earlier report had suggested that
Paytm Mall suffered a massive data breach in August 2020. - It was expected that the breach had compromised data such as the user’s phone number, email address, purchase history, and more.
- An investigation by Troy Hunt has now revealed that the breached data has been fabricated.
“An update on this breach: after loading it into @haveibeenpwned, the head of @paytm's infosec team reached out and we had a chat about the authenticity of the data, which they believe didn't originate from them. We now collectively believe it's fabricated,” Troy Hunt said in a tweet.
Paytm, one of the largest wallet and payment services platforms, reportedly suffered a massive data breach in 2020. While the company has not accepted this, it had reportedly received a ransom demand after the data breach.
Firefox Monitor, a security tracker by Mozilla that informs users if their mobile number or email has been compromised in a data breach, has today confirmed that Paytm suffered a data breach in 2020 and that data of over 3.4 million users has been discovered online.
Update - Paytm has clarified the leak. “The data of our users is completely safe & claims related to data leak in the year 2020 are completely false and unsubstantiated. A fake dump uploaded on the platform haveibeenpwned.com appears to wrongly alert of a data breach on Firefox browser. We are getting in touch with Firefox and the platform to resolve the matter," a Paytm spokesperson said in a statement to Business Insider India.
According to a report by Firefox Monitor, the data breach compromised information such as the user’s phone number, email address, purchase history, gender, date of birth, location and income levels.
Fortunately, payment information such as saved cards was not compromised during the data breach.
You need not change your passwords as the data breach did not compromise the passwords.
If you are a Paytm user and wish to know if your data has been compromised, you can follow the below steps –
- Go to Have I been pwned website here.
- Enter your email address or phone number and click “pwned?”.
- You will then be able to see all the websites or apps where your data was compromised.
SEE ALSO:
OnePlus 10T to launch soon in India – launch date, expected specifications and everything you need to know
Redmi K50i review: A solid performer but lacks the charm of its predecessor
Google rolls out final Android 13 beta – eligible devices, how to download, and everything you need to know