A few days ago, a hacker group known as “AgainstTheWest” shared a post on a hacking forum claiming to have found security breaches in TikTok and WeChat. However, despite what the group says, TikTok has officially denied all reports about hackers having leaked its source code and sensitive user data.
The original post made by AgainstTheWest contains screenshots of a database that allegedly belongs to TikTok and WeChat. The hackers claim that the 790GB database has over 2 billion records, including user data, platform statistics, software code, tokens, and more.
However, TikTok doesn’t seem happy about the accusations. The company said in a statement to BleepingComputer (via The Verge) that all of the hacker group’s allegations are false. “This is an incorrect claim,” says a company spokesperson. According to TikTok, the source code shared on the forum is not related to the company’s platform.
This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data.
As noted by the report, security expert Troy Hunt (who is the creator of HaveIBeenPwned) mentioned on Twitter that the TikTok data obtained by the hackers is valid. However, the database doesn’t include sensitive data. Hunt claims that “some data is junk” since part of it comes from publicly accessible data.
At the same time, the security expert notes that the database obtained by the hackers does have some internal platform information. This information is not exactly useful, but if true, this reveals that there is a security breach in TikTok.
TikTok under investigation
Both TikTok and WeChat are constantly targets of investigations since both platforms are Chinese. Earlier this year, a Federal Communications Commission commissioner asked Apple and Google to remove TikTok from the App Store and Google Play. At the time, FCC claimed that the social network is a “sophisticated surveillance tool” for the Chinese government.
After that, TikTok committed to change how it manages data from US-based users to avoid a ban.
FTC: We use income earning auto affiliate links. More.
Comments