Cyble Is Accused of Extorting Data Breach Victims, but the Company Flatly Denies It
Last updated September 17, 2021
- The threat intelligence company “Cyble” is accused of forcing companies to subscribe to its services.
- Some media believe that the Indian data protection commission has summoned them to give explanations.
- The firm’s founder denies both allegations, claiming that their contributions are valued by the Indian state.
Cyble, a rising threat intelligence firm offering real-time dark web monitoring services, is going through its first turbulent period. It is accused of extorting victims of data breaches in a similar way that ransomware groups do it. According to a KEN report, if the company that had its data stolen by hackers and leaked on the dark web doesn’t pay Cyble, the firm publishes a post about it on the blog, exposing the incident to a wider audience.
KEN has presented the case of the ‘Big Basket’ breach in India as the latest example of that, where Cyble allegedly asked $80,000 to keep its mouth shut about the event. KEN even claims that Cyble gave the online supermarket 72 hours to pay that amount. The reporters declare that this atypical extortion process also hit RedDoorz, who had a data breach in September, with Cyble asking $140,000 from them.
In both cases, Cyble allegedly refused to share the details of the breach for free and tried to force the companies to subscribe to its services. Those two companies refused to take up the threat intelligence firm’s services, but two others, Dunzo and JusPay, took the offer. So, KEN allegedly talked with representatives from all these companies, and they all confirmed this practice.
Today, the Joint Parliamentary Committee on the Personal Data Protection Bill in India has summoned Cyble, PayPal, iSPIRT, Visa, and Mastercard to discuss security incidents that happened recently and formulate a strong legal approach to prevent them in the future. Some considered this suspicious, believing that Cyble was summoned to give explanations on the KEN allegations.
We have reached out to Beenu Arora, founder and CEO of Cyble, moments after he came out of the hearing. As he clarified, Cyble was invited to provide feedback on the bill because of the awareness they have helped build in the country. In fact, he told us the Indian government had invited them well before the KEN story came out, so it has nothing to do with it. Commenting on the meeting itself, Cyble’s CEO told us: “It was an awesome experience. India is heading in the right direction with this bill.”
Beenu Arora flatly denies everything about the KEN allegations, saying that Cyble always shares all the information they have with the victims freely. That includes how they were hacked, helping secure their systems without asking for anything in return.
In a statement that the man published on LinkedIn a few hours ago, he mentions the following:
Related
Most Popular
Most Popular