Tiktok Denies Data Breach Following Hackers Claim of Obtaining Users' Records

A report from Engadget states that TikTok denies the data breach of having records of its two billion users after claims from hacking groups. Adding to this is having the platform's source code as it was compromised by them.

Trump Issues Executive Orders Barring Transactions With TikTok And WeChat
WASHINGTON, DC - AUGUST 07: In this photo illustration, the TikTok app is displayed on an Apple iPhone on August 7, 2020 in Washington, DC. On Thursday evening, President Donald Trump signed an executive order that bans any transactions between the parent company of TikTok, ByteDance, and U.S. citizens due to national security reasons. The president signed a separate executive order banning transactions with China-based tech company Tencent, which owns the app WeChat. Both orders are set to take effect in 45 days. Photo Illustration by Drew Angerer/Getty Images

As per the company via Bloomberg, no evidence was found regarding the breach based on investigations, and the posted source code of the supposed hackers was completely unrelated and different to the platform's secured source code.

TikTok also said that the company has adequate security safeguards to prevent these instances, meaning the alleged hack was impossible to happen.

The supposed hack was allegedly obtained through an insecure cloud server by 'AgainstTheWest'. Screenshots of the database were shared through accessing an Alibaba cloud. Together with TikTok, WeChat's database was also possessed by the same group. No comments were given by WeChat as of the moment.

This contains 2.05 billion records in a massive 790GB database of user data, platform statistics, software code, cookies, auth tokens, server info, and more.

In a Twitter Thread made by Security Researcher Troy Hunt, the contained data was accessible publicly based on the given sample of the hackers and could have been made without the breach. He explained it as "pretty inconclusive." Another possibility, as per Bleeping Computer, is that the data breach could have resulted through a third-party data scraper.

Following this issue, researchers from Microsoft have said that a high-severity vulnerability has been found in Tiktok Android where users' accounts are at risk. The company also confirmed that this was resolved less than a month after disclosing it to TikTok in February 2022.

Goal of AgainstTheWest

The name of the hacking group may sound to some like an attack on Westerners but based on a cybersecurity researcher from CyberKnow, it targets countries and companies who are opposed to Western interests.

The researcher added, "ATW targets countries they perceive to be a threat to western society, currently they are targeting China and Russia and have plans to target North Korea, Belarus, and Iran in the future,".

TikTok and WeChat is Under Investigation in Australia

An order to investigate has been made by Home Affairs Minister Clare O'Neil as TikTok and WeChat's harvesting of data has been concerning them. The report from The Sydney Morning Herald also states that staff from China might easily access personal information of Australians through these applications.

O'Neil stated that this review will not ban the application in the country as the government has no plans of doing that. She added, "The fact that we've got millions of Australians accessing an app where the usage of their data is questionable is very much a modern security challenge for the country and no country in the world has found an easy solution for managing this."

This article is owned by TechTimes


Written by Inno Flores

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics