TikTok Security Breach

On Monday, September 5th, security researchers discovered a potential data breach affecting the Chinese company TikTok. The breach allegedly involved up to 2 billion user database records, which would make it one of the largest data breaches of 2022.

According to BleepingComputer: “On Friday, a hacking group known as ‘AgainstTheWest’ created a topic on a hacking forum claiming to have breached both TikTok and WeChat. The user shared screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.

The threat actor says this server holds 2.05 billion records in a massive 790GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and many more.”

Despite the name, this group claims to target only countries and companies that are hostile to Western interests, including countries like China, Russia, and North Korea.

TikTok Denies the Data Breach

TikTok provided a statement to BleepingComputer in which it claims that the news of the company being hacked is false.

“This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data.” – TikTok.

The company also stated that the leaked data could not be the result of direct scraping, because it has security safeguards in place to prevent automated scripts from collecting user information.

BleepingComputer also sought a statement from WeChat, but the company has decided not to make one at this time.

While neither company has confirmed whether this data breach is legitimate, a few third parties have given their opinion on the matter. For example, Troy Hunt, the creator of the data breach notification service HaveIBeenPwned, confirmed via Twitter that some of the data posted on the forum was legitimate user data.

His findings do not, however, confirm that the data was actually leaked from the company, because all of the information was already publicly accessible.

Another figure, Bob Diachenko, a Cyber Threat Intelligence Director and journalist at SecurityDiscovery.com, took a much more definitive stance. He asserts that there definitely was a data breach, and that it is simply a matter of whether it originates from TikTok itself or from a compromised third party.

Around the same time as this suspected breach, a Microsoft 365 Defender Research team found a vulnerability in the TikTok app for Android that could allow hackers to compromise millions of videos on the platform if they could get a user to click on a malicious link. According to an article by business-standard.com, a quote from TikTok regarding this vulnerability was: “Attackers could have leveraged the vulnerability to hijack an account without users’ awareness if a targeted user simply clicked a specially crafted link.”

AgainstTheWest Banned from Breached Hacking Forum

As of September 8th, 2022, the AgainstTheWest threat actor that claimed to have breached TikTok and WeChat has been banned from the Breached hacking forum, where they originally posted the leaked data. The owner of Breached, pompompurin, had this to say regarding the banning of the threat actor:

“This thread was restored due to multiple people asking for it back. AgainstTheWest initially deleted it. Please note that the breach is not from TikTok, and that he most likely was lying or didn’t even investigate it before making such outrageous claims.” – pompompurin.

At this point, there is no definitive evidence of whether this data breach is legitimate, but we will continue to provide updates as they become available.

Sources:

https://www.bleepingcomputer.com/news/security/tiktok-denies-security-breach-after-hackers-leak-user-data-source-code/

https://www.business-standard.com/article/technology/tiktok-hacked-over-2-bn-user-database-records-stolen-security-researchers-122090500767_1.html
