On specialized forums and social networks over the weekend, a message appeared about a large-scale hacking of the American division of TikTok. The hacker claims to have extracted 2 billion records from the database. However, an analysis of the published part of the information makes experts doubt the fact of the theft.
The first reports of the alleged hack appeared on the Breach Forums on September 3rd. A user with the nickname AgainstTheWest posted screenshots of the TikTok and WeChat hack and stated that the attackers are thinking about selling or publishing the data obtained. Also, 2 samples of the stolen information and a confirming video were made public. On the same day, AgainstTheWest claimed on Twitter that it had stolen the TikTok server-side source code from Alibaba’s cloud server.
Troy Hunt of haveibeenpwned dedicated a Twitter thread to checking the published data. His conclusion after lengthy analysis is that the evidence is “rather inconclusive so far”. Hunt argues that some of the data on internal processes could be taken from the public domain. A number of data, according to him, may be test and do not reflect real information.
Learn how to develop web interfaces to suit your clients
REGISTER!
Well this is going to be interesting — has@tiktok_us been breached? https://t.co/80UGasas1V
— Troy Hunt (@troyhunt) September 4, 2022
It has been suggested on the Hacker News forum that the data looks like it was not taken from TikTok, but from a third party partnering with the company for marketing.
At the moment, the question of the alleged hacking of TikTok accounts remains open – experts have not found unequivocal evidence. The company itself shared the following statement:
“Our security team has reviewed this statement and determined that the code in question is completely unrelated to the TikTok backend source code.”
Whatever the case, users will do well to update their passwords to the popular social network . Regular preventive changes in authorization data help prevent account hijacking.
If your access to TikTok is fine, you can try out the service’s new feature:
TikTok introduces AI text-to-image conversion feature
Source: Forbes
