TikTok denies hacker group’s claim of massive data breach

TikTok firmly denied a hacker group’s declare that it was capable of get hold of the supply code and consumer information from the favored video-sharing platform.

The hacker group “AgainstTheWest” claimed in a web based discussion board to have breached a server utilized by TikTok that contained greater than 2 billion information and an array of consumer information, authentication tokens and different delicate data associated to the corporate.

The hackers included what they claimed to be screenshots tied to the database.

A TikTok spokesperson mentioned the China-owned firm’s “safety crew has discovered no proof of a safety breach.” 

“We’ve got confirmed that the info samples in query are all publicly accessible and will not be because of any compromise of TikTok methods, networks, or databases,” the spokesperson mentioned.

“The samples additionally seem to comprise information from a number of third-party sources not affiliated with TikTok,” the spokesperson added. “We don’t imagine customers must take any proactive actions, and we stay dedicated to the protection and safety of our international group.”

The unique discussion board thread detailing the hack was deleted, however later restored alongside a “employees edit” from a moderator who mentioned the unique poster “almost certainly was mendacity” in regards to the breach. The moderator added that AgainstTheWest has a “lengthy historical past of mendacity about breaches and different issues.

In the identical submit, the hackers claimed to have gained entry to information from the Chinese language social media app WeChat. The Submit has reached out for remark.

Bleeping Computer was first to report on the scenario.

Cybersecurity researcher Troy Hunt, the creator of the “Have I Been Pwned?” on-line service that enables customers to find out if their e-mail handle is compromised, additionally raised questions in regards to the breach – noting the knowledge revealed to this point was publicly accessible.

“That is to this point fairly inconclusive; some information matches manufacturing data, albeit publicly accessible data,” Hunt mentioned. “Some information is junk, nevertheless it might be non-production or check information. It’s a little bit of a blended bag to this point.”

The alleged breach is the most recent headache for TikTok, which has drawn mounting scrutiny in current months over its father or mother firm ByteDance’s ties to the Chinese language authorities. Lawmakers and different critics have argued Beijing’s involvement constitutes a nationwide safety threat.

In June, FCC Commissioner Brendan Carr known as for the TikTok app to be faraway from the Apple and Google app shops, citing a Buzzfeed report that detailed leaked audio from conferences during which American TikTok staff indicated China-based staff of father or mother firm ByteDance had entry nonpublic US consumer information.

TikTok has insisted that China doesn’t have entry to the info of US customers and says it takes steps to make sure privateness. The corporate not too long ago migrated US consumer information to servers operated by Oracle.