TikTok Denies Breach After Hacker Claims ‘2 Billion Data Records’ Stolen

Introduction

On September 5, a concerning report emerged about a serious vulnerability in TikTok that could have allowed for a one-click account takeover, particularly impacting Android app users. Fortunately, this issue has since been patched by TikTok, leading many users to breathe a sigh of relief. However, excitement quickly turned to worry over the holiday weekend, when reports surfaced alleging that TikTok's systems had been hacked.

Initial claims about the alleged breach first appeared on an online data breach marketplace forum. Subsequently, discussions and reports circulated on Twitter. A TikTok spokesperson has since assured that no evidence of a security breach has been uncovered during their investigations.

In a bid for caution, security experts are recommending that TikTok users change their passwords and activate two-factor authentication to bolster their account security. The first mention of the alleged hack materialized on a breach forum's message board on September 3. The user, operating under the handle "against the west," claimed to have screenshots from TikTok and stated that they had not decided whether to sell the data or release it publicly. The post included links to two samples of the claimed data and a video demonstrating one set of database tables.

The user further alleged that they had extracted a staggering two billion records from TikTok's database. Alongside this, there were claims of stolen internal backend source code. In a related September 3 Twitter update, the user known as Bluehornet reiterated these allegations.

In response to the rising concerns, I reached out to TikTok for clarification. The spokesperson emphasized TikTok's commitment to user privacy and data security, stating, "Our security team investigated these claims and found no evidence of a security breach." The spokesperson also addressed the allegation about the stolen source code, explaining that their investigation determined that the code in question is entirely benign.

Keywords

• TikTok
• Breach
• Hacker
• Data Records
• Security
• Two-Factor Authentication
• Vulnerability
• User Privacy

FAQ

1. What was the reported vulnerability in TikTok? The vulnerability was a serious issue that allowed for a potential one-click account takeover, particularly affecting Android app users. However, TikTok has since patched this issue.

2. Who claimed to have hacked TikTok? A user identified by the handle "against the west" made claims on a breach forum about having screenshots and data from TikTok's systems.

3. How many records were alleged to be stolen? The user claimed to have extracted approximately two billion records from TikTok's database.

4. What actions should TikTok users take to secure their accounts? Security experts recommend that TikTok users change their passwords and enable two-factor authentication as a precautionary measure.

5. What was TikTok's response to the hacking claims? TikTok's spokesperson stated that their security team found no evidence of a security breach following their investigations into the claims.