Around 500,000 records of Pine Labs, including confidential client agreements, employee data, financial reports, and other internal documents, were allegedly hacked by the BlackMatter Ransomware Group, according to Cyble Research Labs. Screenshots of the leaked data were shared on Cyble’s website on August 11.
Pine Labs, however, denied the claims.
Pine Labs is a B2B fintech solutions company working with various financial institutions and merchants.
BlackMatter Ransomware’s post showed 100 GB of data was accessed, of which 500 MB worth of data had been shared as a sample.
The leaked data included service and private agreements, and invoices of Pine Labs with various financial institutions and Indian banks. Names, departments and email IDs of several Pine Labs employees were also leaked. BusinessLine reviewed parts of the sample data.
“The attack came into the limelight after the BlackMatter ransomware group updated its victim list on its leak website on August 10, 2021. The impact of this attack is significant, as initial investigations indicate that the incident has affected multiple financial institutions using Pine Labs services across India,” Cyble wrote.
Sanjeev Kumar, Chief Technology Officer, Pine Labs, called the data leak baseless. “This is baseless. Pine Labs continues to be one of the most secure and compliant PCI-DSS platforms. We can confidently state that our systems continue to be fully secure and our production systems continue to operate as usual and all customer data is safe,” he told BusinessLine.
Sunny Nehra, admin of the cybersecurity firm Hack & Security, told BusinessLine that while the data sets prove the breach took place at Pine Labs’ end, there’s always a possibility that the loophole in the network came from one of the clients’ systems or even employees.
“Systems of employees of Pine Labs could be an easy target for a ransomware attack. But I would like to believe that the company didn’t share such confidential business agreements with the employees. In all probability, Pine Labs’ system was attacked and they would need to do a thorough survey,” Nehra added.
BlackMatter Ransomware Group became active recently, in the past one to three weeks, Karmesh Gupta, co-founder and CEO, WiJungle, a cybersecurity company, told BusinessLine.
“Most of the breaches in the past were done by REvil and DarkSide ransomware groups, which went low lately. That’s when BlackMatter surfaced, most likely founded by the members of the previous groups,” Gupta said.
“BlackMatter has been majorly focusing on financial institutions, especially those using English as a common language for work,” he added. HHCP, a US-based construction company, and Huck Bouma PC, a legal services company in the US, have been targets too, Gupta revealed.
