TikTok Denies Cyber Attack: Did It Really Happen?
Summary Of The Attack
- Popular short-form social video platform TikTok denied reports that it had been compromised by a hacking group that claimed to have gained access to an insecure cloud server.
- A hacker organization called “AgainstTheWest” posted a discussion on a forum and claimed that this server contains 2.05 billion records in a vast 790GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and more.
- Microsoft Corporation revealed on August 31 that it had discovered a high-severity vulnerability in TikTok’s Android application that could have been used by attackers to quickly compromise user accounts.
- Users of the TikTok video platform are advised to update their passwords and enable two-factor authentication.
What Happened?
Popular short-form social video platform TikTok denied reports that it had been compromised by the hacking group AgainstTheWest after the group claimed to have gained access to an insecure cloud server. The company also said that the source code posted on hacking forums isn’t part of its platform.
What Was The Impact?
The denial comes in response to suspected hacking reports that appeared on the breach forums message board on the 3rd of September. The threat actor claimed that the server holds 2.05 billion records in a massive 790GB database.
TikTok also mentioned that the leaked user data could not have resulted from a direct scraping of its platform, as it has adequate security safeguards to prevent automated scripts from collecting user information.
How This Attack Happened
On the 3rd of September, a hacking group known as ‘AgainstTheWest’ created a topic on a hacking forum claiming to have breached both TikTok and WeChat.
The user shared images of what they claim to be screenshots of a database used by the companies, accessed on an Alibaba cloud instance, containing data for both TikTok and WeChat users.
The threat actor claims that this server contains 2.05 billion records in a vast 790GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and more.
WeChat and TikTok are both Chinese companies; however, they are not owned by the same parent company.
WeChat is owned by Tencent, while TikTok is owned by ByteDance. Thus, the fact that they were both found in the same database suggests that there was not a direct breach of each platform.
Most likely, the unprotected database came from a third-party data scraper or broker who scraped publicly available data from both services and exported it into a single database.
Additionally, some security researchers verified the authenticity of the user data that was exposed, but they were unable to draw any firm conclusions regarding the data’s origin.
Personnel from TikTok confirmed that the data samples described are all publicly available and are not the result of any breach of TikTok systems, networks, or databases.