TikTok is denying reports that it was breached after a hacking group posted images of what it claims to be a TikTok database containing (via) the platform’s source code and user information. Bleeping computer) In response to these allegations, TikTok said its team found “no evidence of a security breach.”
According to Bleeping computer, the hackers shared images of the alleged database to a hacking forum, saying they obtained the data on a server used by TikTok. It claims the server stores 2 billion records and 790GB worth of user data, platform statistics, code and more.
“We have verified that all of the data samples in question are publicly available and not due to a compromise of TikTok’s systems, networks or databases,” TikTok spokeswoman Maureen Shanahan said in a statement. to the edge. “We do not believe that consumers should take any proactive measures and we are committed to the safety and security of our global community.”
It is so far incomplete; Some of the data is equivalent to production information, even if it is publicly accessible information. Some data is junk, but it can be non-production or test data. It’s been a bit of a mixed bag so far.
— Troy Hunt (@troyhunt) September 5, 2022
Much of the “stolen” data appears to be public-facing information scraped from the platform. Troy Hunt, regional director at Microsoft and creator of the Have I Been Punned tool, Called hackers data “Indeterminate,” but speculated that “it might be non-production or test data” that probably wasn’t taken by the breach.
The hacking group, which calls itself “AgainstTheWest,” said it also obtained data from the Chinese messaging app WeChat. however, Hunt could not confirm Whether the hackers’ database contained the stolen information and WeChat did not immediately respond to the edgeRequest for comment.
Both TikTok and WeChat are under scrutiny over their ties to China (ByteDance, TikTok’s parent company, is based in China). TikTok has taken several steps, including placing American data on Oracle’s US-based servers, in an effort to deflect recent reports about TikTok employees in China accessing US users’ information.