TikTok has denied a claim that it had been breached after a hacker on a popular hacking forum said they had obtained both user data and source code from the popular service.
A hacker going by the name of “AgainstTheWest” claimed to have breached TikTok on Breach Forums on Sept. 3 and claimed to have stolen data from the Chinese instant messaging app WeChat as well. The hacker shared screenshots of alleged databases belonging to the companies and claimed they contained 2.05 billion records over 790 GB.
AgainstTheWest claimed to have obtained the data from an Alibaba Group Holding Ltd. cloud instance. Given how often data breaches occur with exposed Amazon Web Services Inc. cloud instances, the claim is believable, but doubts followed shortly after that.
In response to the claimed data breach, TikTok said that the claim is false and that the source code shared by th hacker isn’t part of their platform. “This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data,” a spokesperson for TikTok told Bleeping Computer.
However, some of the user data in the alleged data breach has been found to be legitimate. Troy Hunt from HaveIBeenPwnd tested the data and found some matches.
This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It’s a bit of a mixed bag so far.
— Troy Hunt (@troyhunt) September 5, 2022
TikTok confirmed the presence of some data, saying that it could not have been a result of direct scraping of its platform. Bleeping Computer suggests that the data may have been gathered by a third-party data scraper or broker who scrapped publically available data.
Notably, Breach Forums, a successor site to the now shut down RaidForums, has banned AgainstTheWest for “lying about data breaches.” The move is surprising given that the forum is a cesspool of data breaches, ransomware leaks and other stolen material. Still, perhaps there is honor among thieves when someone makes a provably false claim.
The claim that Tiktok was breached comes after the Microsoft 365 Defender Research Team wrote on Aug. 31 about a vulnerability in the TikTok Android application that could have allowed attackers to compromise user accounts.
Described as a “high severity” security flaw, the vulnerability was fixed by TikTok before the details were published. While the Microsoft researchers claimed that there is no evidence that the vulnerability had been exploited, it does raise concerns that TikTok could have been previously breached.
Images: Unsplash, Breach Forums
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.