Digital payments major Paytm allegedly suffered a massive data breach two years back that may have exposed data of over 3.4 million users, cyber-security company Firefox Monitor said on Wednesday.
According to Firefox Monitor, a security tracker by popular web browser Mozilla, Paytm was breached on August 30, 2020.
"Once the breach was discovered and verified, it was added to our database on July 26, 2022," it said.
According to the report, the data compromised included phone numbers, email addresses, dates of birth, genders, geographic locations, income levels, names and purchases of the nearly 3.4 million users.
The breach data was provided by Have I Been Pwned, a website that allows internet users to check whether their personal data has been compromised.
"Though passwords weren't exposed in this breach, there are still steps you can take to better protect your personal info," said Firefox Monitor.
Paytm was yet to react to the data breach report.
Firefox Monitor said it has alerted several affected users, via Have I been pwned website, that their data was compromised during the Paytm breach.
Narayanan Hariharan, of NithyaKarma.com, tweeted with a screenshot of him being one of the Paytm breach victims.
"@Paytm data breach. That's an awful lot of my personal info that Paytm has let out," he posted.
Another Twitter user said: "@Paytm I have been warned by the Firefox Monitor for data breach. Is it true? Please confirm".
However, Paytm Mall refuted the claims and said the user data is 'safe'. The company later issued a statement in this regard.
Paytm Mall spokesperson said, “The data of our users is completely safe & claims related to data leak in the year 2020 are completely false and unsubstantiated. A fake dump uploaded on the platform haveibeenpwned.com appears to wrongly alert of a data breach on Firefox browser. We are getting in touch with Firefox and the platform to resolve the matter.”