TikTok Denies It Was Hacked After a Gang Claimed to Leak Users’ Data

Was TikTok hacked? According to the corporate itself, the reply to that query is: undoubtedly not. And safety researchers who’ve regarded into the matter appear to agree.

Why is TikTok fielding claims of a knowledge breach? On Friday, a hacker group calling itself “AgainstTheWest” posted a thread to a well known cybercrime discussion board claiming to have hacked each TikTok and the favored Chinese messaging app WeChat. Members of the group shared screenshots of an alleged 790 gigabyte database that they mentioned they breached, which supposedly held information on each apps. The hackers asserted they had stolen an astounding quantity of delicate data from this database, together with proprietary firm code, platform consumer information and statistics, and safety information like cookies and authorization tokens.

The claims took on a lifetime of their very own earlier than they might be verified. On Twitter, panic appeared significantly acute: “The data of 2 billion TikTok users (i.e. all of them) has been stolen,” one individual wrote, sharing screenshots of the supposed information (TikTok reported having a billion customers in Sept. 2021). Another consumer tweeted: “TikTok’s entire database has been breached!”

But, in line with TikTok, all of that is a lot ado about nothing. In an announcement shared with Gizmodo on Tuesday, a spokesperson denied the claims:

“Our security team has found no evidence of a security breach. We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases. The samples also appear to contain data from one or more third party sources not affiliated with TikTok. We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community.”

Additionally, not lengthy after the supposed “breach” was shared with the net, “AgainstTheWest” eliminated its boasting put up. Later, the cybercrime discussion board banned the group for “lying about data breaches.”

Security researchers dug into the leaked information in an try to resolve whether or not it was actual or not. Troy Hunt, creator of the info breach checker HaveIBeenPwned, prompt via Twitter on Monday that among the information appeared legitimate, however that the majority of it may merely have been publicly scraped. Meanwhile, Bob Diachenko, one other researcher, instructed Gizmodo that he had been parsing the info and located proof that a few of it was professional however may solely speculate as to the place it might have come from. Both researchers didn’t see something that will definitively verify the declare of a hack towards TikTok.

Of course, simply because “AgainstTheWest” may be stuffed with it, that doesn’t imply that TikTok has nice digital safety. Just final week, researchers uncovered a reasonably devastating vulnerability within the platform’s Android app that allowed for the hijacking of consumer accounts with a single-click exploit (principally Amazon Prime however for information theft). The flaw has since been patched, nevertheless it actually doesn’t encourage confidence. At the identical time, when you’re actually nervous about information privateness and safety, permit me to recommend that—for pretty obvious reasons—TikTok just isn’t the app for you.