TikTok Denies Data Breach After Hackers Claim Stealing 2 Billion Records (Updated)

Reports of the supposed hacking of TikTok appeared on September 3rd, 2022 on the Breach Forums which surfaced as an alternative to popular and now-sized Raidforums.

Several IT security analysts tweeted about TikTok becoming a data breach victim over the weekend. Security analysts stated that the platform’s security was breached through an internal server that allowed the hackers access to its data storage that contained users’ data.

Reports of the supposed hacking of TikTok appeared on September 3rd, 2022 on the Breach Forums, a hacker, cybercrime forum which surfaced as an alternative to popular and now-sized Raidforums.

As seen by Hackread.com a member of the forum using the handle “AgainstTheWest” posted screenshots of the WeChat and TikTok data breach and stated that they hadn’t yet decided whether to leak the data or sell it publicly.

TikTok Denies Data Breach After Hackers Claim stealing 2 Million Records
Screengrab: Hackread.com

The hacker also published links to two data samples and a video of one set of database samples. The hacker also claimed to have stolen TikTok’s internal backend source code. However, the company’s spokesperson has claimed no evidence of a security breach. 

It is worth noting that the hacker is claiming to have stolen 2 billion TikTok records including internal statistics, code, 790 GB worth of user data, and more.

“Our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code.”

TikTok

­ Analysis of Data Samples

Troy Hunt of HaveIbeenPwned examined data samples available in the leaked documents and was able to match user profiles and videos posted under the IDs. However, Hunt also found that some of the details in the leak were already publicly available and would not require a breach for access.

Hunt tweeted that his analysis was inconclusive. Some data matched production information, but it was publicly available, whereas some data was junk and could either be a test or non-production data. Hunt regarded the data as “a mixed bag.”

Nonetheless, it is always a good idea to change your password regularly and keep an eye on any suspicious activity on your social media accounts.

Update

The adminitrator of Breach Forums has banned the self-proclaimed hacker “AgainstTheWest.” The admin has also labeled the TikTok and WeChat data breach claims as phony.

Screenshot from the post published by Breach Forum’s admin
  1. TikTok vulnerability allowed hackers to send SMS with malware
  2. Data analytics firm exposed 2m Instagram and TikTok users’ data
  3. New smishing scam spreads fake TikTok App loaded with malware
  4. TikTok vulnerability allowed hackers to access users’ phone numbers
Total
0
Shares
Related Posts