Skip to main content

TikTok continues to rebut reports of a security breach

Popular short-form video app TikTok recently found itself having to refute claims that it had been hacked, and is continuing to rebut the charge.

According to BleepingComputer, as early as late last week, a hacking group known as AgainstTheWest, posted to a forum saying that it had hacked TikTok and a messaging app known as WeChat. The forum post also included screenshots, which were of “an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.”

The most concerning thing about this security breach claim is that the server that was breached allegedly contains 2.05 billion records within a 790GB database which houses “user data, platform statistics, software code, cookies, auth tokens, server info, and many more.”

But on Monday, TikTok posted a tweet denying that it had been breached, saying that after its security team’s investigation into the hackers’ claims, it “found no evidence of a security breach.”

TikTok prioritizes the privacy and security of our users’ data. Our security team investigated these claims and found no evidence of a security breach.

— TikTokComms (@TikTokComms) September 5, 2022

TikTok also confirmed further details on the matter to The Verge, saying that TikTok users didn’t need to do anything and that “the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases.”

Additionally, Troy Hunt, a Microsoft regional director and creator of the Have I Been Pwned website, posted a tweet thread about the security breach claims. In the thread, Hunt tries to verify the claims and is able to match some of the data to “publicly accessible videos.” But while Hunt is able to do so, he still notes that the data itself is publicly accessible and therefore it’s still possible that it was “constructed without breach…”

But this is all publicly accessible data so it *could* have been constructed without breach, let's look further…

— Troy Hunt (@troyhunt) September 4, 2022

Ultimately, in terms of the alleged TikTok breach data, Hunt deemed the data “inconclusive.”

This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far.

— Troy Hunt (@troyhunt) September 5, 2022

And in another development in the story of the hackers’ claim, BleepingComputer reported on Tuesday that the account that posted the breach claim on a hackers’ forum has now been banned from that forum. The account was apparently banned “for not properly investigating the breach” prior to posting about it.

Editors' Recommendations

Anita George
Anita has been a technology reporter since 2013 and currently writes for the Computing section at Digital Trends. She began…
What is Twitter Blue and is it worth it?
Twitter Blue menu option on a white screen background which is on a black background.

If you spend time on Twitter, you've probably heard the phrase "Twitter Blue" at some point and wondered what exactly it is. We're not talking about the signature shade of blue featured in its logo -- we're talking about the premium version of Twitter.

That's right. There's a paid tier for Twitter that many people don't even know exists that launched in July of 2021. And then relaunched again under Elon Musk's ownership in November 2022. Don't worry -- we'll explain everything below.
What is Twitter Blue?

Read more
What is Mastodon? Here’s why everyone’s talking about this Twitter alternative
Series of four mobile screenshots showing Mastodon's sign-up process.

By now you've no doubt heard about Mastodon. It's a social media platform that's been bandied about as an alternative to Twitter, particularly among users who aren't comfortable with the direction Twitter is going in now that Elon Musk is at the helm.

In fact, since Musk first announced that he was planning on buying the popular microblogging platform, Mastodon has garnered quite a bit of attention and experienced significant growth. But though you've likely heard about Mastodon, you may not be familiar with how it works or haven't decided whether or not it would be a good fit for you if you ever choose to leave Twitter and need an alternative social media platform. Don't worry. We've got you covered. In this guide, we'll get you up to speed on everything you need to know about social media's buzziest new platform.
What is Mastodon?

Read more
Twitter’s SMS two-factor authentication is having issues. Here’s how to switch methods
A person's hands holding a smartphone as they browse Twitter on it.

It might be a good idea to review and change your two-factor authentication options for Twitter. Elon Musk's Twitter has another issue for its users to worry about.

Twitter has reportedly been having issues with its SMS two-factor authentication feature (2FA). According to Wired, beginning as early as this past weekend, some Twitter users have reported difficulties logging in to their Twitter accounts due to the app's SMS 2FA feature not working properly. Essentially, the feature relies on the app sending users an authentication code via text message, which they can then enter as a second step in the login process.

Read more