The short video-sharing app, TikTok, has reportedly suffered a breach and threat actors have published the data online. According to the details, the leaked data allegedly involves over 2 billion user accounts that could have been compromised as a result of the breach.
The hacking group known as ‘AgainstTheWest’ published a post on Breach Forums message board claiming to have hacked a TikTok server and obtained important source code and user data. The group also shared screenshots of this alleged user data and claimed to have access to a cloud server with data for both TikTok and WeChat users.
This is your forewarning. #TikTok has reportedly suffered a #data #breach, and if true there may be fallout from it in the coming days. We recommend you change your TikTok #password and enable Two-Factor Authentication, if you have not done so already. pic.twitter.com/SvifAp5B24— BeeHive CyberSecurity (@BeeHiveCyberSec) September 4, 2022
However, TikTok has denied the reports and said that its team found no evidence of a data breach and data samples shared by the hacking group are all publicly accessible. “We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community.” the company told The Verge.
Regional director at Microsoft, Troy Hunt, also shared his opinion on the leaked TikTok user data and said that he had found no evidence of a hack and the alleged user data was ‘inconclusive’ and matched production info that was publicly accessible. However, he added that leaked data could be non-production or test data.
This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far.— Troy Hunt (@troyhunt) September 5, 2022