Cyble Is Accused of Extorting Data Breach Victims, but the Company Flatly Denies It

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Cyble, a rising threat intelligence firm offering real-time dark web monitoring services, is going through its first turbulent period. It is accused of extorting victims of data breaches in a similar way that ransomware groups do it. According to a KEN report, if the company that had its data stolen by hackers and leaked on the dark web doesn’t pay Cyble, the firm publishes a post about it on the blog, exposing the incident to a wider audience.

KEN has presented the case of the ‘Big Basket’ breach in India as the latest example of that, where Cyble allegedly asked $80,000 to keep its mouth shut about the event. KEN even claims that Cyble gave the online supermarket 72 hours to pay that amount. The reporters declare that this atypical extortion process also hit RedDoorz, who had a data breach in September, with Cyble asking $140,000 from them.

In both cases, Cyble allegedly refused to share the details of the breach for free and tried to force the companies to subscribe to its services. Those two companies refused to take up the threat intelligence firm’s services, but two others, Dunzo and JusPay, took the offer. So, KEN allegedly talked with representatives from all these companies, and they all confirmed this practice.

Source: The KEN

Today, the Joint Parliamentary Committee on the Personal Data Protection Bill in India has summoned Cyble, PayPal, iSPIRT, Visa, and Mastercard to discuss security incidents that happened recently and formulate a strong legal approach to prevent them in the future. Some considered this suspicious, believing that Cyble was summoned to give explanations on the KEN allegations.

We have reached out to Beenu Arora, founder and CEO of Cyble, moments after he came out of the hearing. As he clarified, Cyble was invited to provide feedback on the bill because of the awareness they have helped build in the country. In fact, he told us the Indian government had invited them well before the KEN story came out, so it has nothing to do with it. Commenting on the meeting itself, Cyble’s CEO told us: “It was an awesome experience. India is heading in the right direction with this bill.

Beenu Arora flatly denies everything about the KEN allegations, saying that Cyble always shares all the information they have with the victims freely. That includes how they were hacked, helping secure their systems without asking for anything in return.

In a statement that the man published on LinkedIn a few hours ago, he mentions the following:

Our business model is simple, we sell threat intelligence - the most commoditized and abused service in the overall cybersecurity market. What we offer - we sell SaaS licenses. What do we specialize in? - We have a pretty good view of the activities in dark web forums, chat conversations as well as several cybercrime forums. Let's get to the facts here. We willingly shared the "who," "how," "what," "when" attributes to RedDoorz with no obligation or material benefits whatsoever - by the way, we never made any disclosure about them - they only came after us post-BigBasket. Why? From our experience, we share a lot more information compared to others. The intent is to assist a victim in remediation – in case the victim is interested in understanding the "where" part, they can search the dark web or Internet themselves – we are sourcing information from the Internet like many security companies. RedDoorz asked help/negotiation services from Cyble, which we explained there is no guarantee it won't appear elsewhere whatsoever.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: