There are more and more attempts by hacker groups to steal sensitive data and more and more important companies are being targeted. We talked about it yesterday with the alleged Vodafone database that appeared on the net, which in the evening provided its position reassuring its users, and we talk about it today with TikTok, which is following the same path as the telephone operator. But first let's try to understand what happened.
A few days ago, a hacker group known as "AgainstTheWest" shared a post on a hacking forum claiming that they found user database breaches in TikTok and WeChat, leaking the source code of the platforms and the data of many subscribers. The post also included some screenshots of a database, presumably owned by TikTok or WeChat, which according to the description should weigh a whopping 790GB and contain over 2 billion records, including user data, platform stats, software code, tokens and more.
A few days ago, a hacker group known as "AgainstTheWest" shared a post on a hacking forum claiming that they found user database breaches in TikTok and WeChat, leaking the source code of the platforms and the data of many subscribers. The post also included some screenshots of a database, presumably owned by TikTok or WeChat, which according to the description should weigh a whopping 790GB and contain over 2 billion records, including user data, platform stats, software code, tokens and more.
However, TikTok immediately moved to defend itself against the allegations by essentially denying everything. The company told Bleeping Computer that all allegations by the hacker group are false. "This is an incorrect claim, we found no evidence of violations," a company spokesperson reported. TikTok's position is therefore quite clear and states that the source code shared on the forum is in no way related to its platform.
Contacted later also by The Verge, the company then wanted to further reassure users by stating that.
"We don't believe users need to take any proactive action and remain committed to the safety and security of our global community."
As the hours go by, the picture is becoming increasingly clear and at the moment it seems that most of the "stolen" data may be made up of public information collected by the platform. One of the Microsoft managers and creator of the famous tool, Have I Been Pwned, Troy Hunt, also expressed himself on the issue, who defined the data held by the hackers as "inconclusive", but hypothesized that they could be test data, not for force stolen through a breach. At the same time, the security expert admits that the database obtained by the hackers contains some internal information about the platform. While the data seems dubious, it still indicates that some form of breach may have been enacted.
TikTok has always been at the center of the cyclone, both for the alleged ties with the Chinese government (Bytedance is based in China), and for the management of user privacy. To soften the most critical positions, the company has worked hard and is trying to take measures that can reassure everyone. An example? He decided to house US user data on Oracle's servers, essentially keeping it "at home" to dispel any doubts about his conduct.
Written by Matteo with love from Italy
Contacted later also by The Verge, the company then wanted to further reassure users by stating that.
"We don't believe users need to take any proactive action and remain committed to the safety and security of our global community."
As the hours go by, the picture is becoming increasingly clear and at the moment it seems that most of the "stolen" data may be made up of public information collected by the platform. One of the Microsoft managers and creator of the famous tool, Have I Been Pwned, Troy Hunt, also expressed himself on the issue, who defined the data held by the hackers as "inconclusive", but hypothesized that they could be test data, not for force stolen through a breach. At the same time, the security expert admits that the database obtained by the hackers contains some internal information about the platform. While the data seems dubious, it still indicates that some form of breach may have been enacted.
TikTok has always been at the center of the cyclone, both for the alleged ties with the Chinese government (Bytedance is based in China), and for the management of user privacy. To soften the most critical positions, the company has worked hard and is trying to take measures that can reassure everyone. An example? He decided to house US user data on Oracle's servers, essentially keeping it "at home" to dispel any doubts about his conduct.
Written by Matteo with love from Italy