A few days ago, a hacker group known as "AgainstTheWest" shared a post on a hacking forum claiming that they found user database breaches in TikTok and WeChat, leaking the source code of the platforms and the data of many subscribers. The post also included some screenshots of a database, presumably owned by TikTok or WeChat, which according to the description should weigh a whopping 790GB and contain over 2 billion records, including user data, platform stats, software code, tokens and more.
Contacted later also by The Verge, the company then wanted to further reassure users by stating that.
"We don't believe users need to take any proactive action and remain committed to the safety and security of our global community."
As the hours go by, the picture is becoming increasingly clear and at the moment it seems that most of the "stolen" data may be made up of public information collected by the platform. One of the Microsoft managers and creator of the famous tool, Have I Been Pwned, Troy Hunt, also expressed himself on the issue, who defined the data held by the hackers as "inconclusive", but hypothesized that they could be test data, not for force stolen through a breach. At the same time, the security expert admits that the database obtained by the hackers contains some internal information about the platform. While the data seems dubious, it still indicates that some form of breach may have been enacted.
TikTok has always been at the center of the cyclone, both for the alleged ties with the Chinese government (Bytedance is based in China), and for the management of user privacy. To soften the most critical positions, the company has worked hard and is trying to take measures that can reassure everyone. An example? He decided to house US user data on Oracle's servers, essentially keeping it "at home" to dispel any doubts about his conduct.
Written by Matteo with love from Italy