Social media app TikTok is denying reports that it was breached after a hacking group posted images claiming to have gained access to over two billion user database records.
According to reports posted on MSN, Bleeping Computer, and The Verge, several cybersecurity analysts discovered the “Breach” of an insecure server that allowed access to TikTok’s storage, which they believe contained personal user data.
“This is your forewarning. #TikTok has reportedly suffered a #data #breach, and if true there may be fallout from it in the coming days. We recommend you change your TikTok #password and enable Two-Factor Authentication if you have not done so already” further stating they have reviewed a sample of the extracted data and have sent out warnings to their subscribers and private client,” a cybersecurity account tweeted out.
The hackers have shared images of the alleged database on a hacking forum claiming the server breached stores of over two billion records and 790GB worth of user data, platform statistics, code, and more.
The hacking group known as BlueHornet/AgainstTheWest said this along with sharing a sample of the allegedly stolen data: “Who would have thought that @TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?”
The group also claims to have breached the Chinese messaging app WeChat but at the time of publishing this claim was unable to be confirmed.
In response to the allegations, TikTok says its team has “found no evidence of a security breach.”
“We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases. We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community,” says TikTok spokesperson Maureen Shanahan.
This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far.
— Troy Hunt (@troyhunt) September 5, 2022
If that is the case, most of the “breached” data appear to be public-facing information that was scraped from the platform and could be non-production or test data that likely wasn’t taken through a breach.
Regardless, it is never a bad idea for users to update their passwords and two-factor authentication, just to be safe.
Image credits: Header photo licensed via Depositphotos.