{"id":682,"date":"2022-09-05T21:14:15","date_gmt":"2022-09-05T21:14:15","guid":{"rendered":"https:\/\/cybersecuritynest.com\/?p=682"},"modified":"2022-09-05T21:14:15","modified_gmt":"2022-09-05T21:14:15","slug":"tiktok-hack-over-2-billion-records-from-user-database-stolen-security-researchers-claimed","status":"publish","type":"post","link":"https:\/\/cybersecuritynest.com\/?p=682","title":{"rendered":"TikTok hack: Over 2 billion records from user database stolen: security researchers claimed"},"content":{"rendered":"<aside class=\"mashsb-container mashsb-main mashsb-stretched\"><div class=\"mashsb-box\"><div class=\"mashsb-buttons\"><a class=\"mashicon-facebook mash-large mash-center mashsb-noshadow\" href=\"https:\/\/www.facebook.com\/sharer.php?u=https%3A%2F%2Fcybersecuritynest.com%2F%3Fp%3D682\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Share&nbsp;on&nbsp;Facebook<\/span><\/a><a class=\"mashicon-twitter mash-large mash-center mashsb-noshadow\" href=\"https:\/\/twitter.com\/intent\/tweet?text=&amp;url=https:\/\/cybersecuritynest.com\/?p=682&amp;via=CYBERSECNEST\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Tweet&nbsp;on&nbsp;Twitter<\/span><\/a><a class=\"mashicon-subscribe mash-large mash-center mashsb-noshadow\" href=\"#\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Subscribe&nbsp;to&nbsp;Newsletter<\/span><\/a><div class=\"onoffswitch2 mash-large mashsb-noshadow\" style=\"display:none\"><\/div><\/div>\n            <\/div>\n                <div style=\"clear:both\"><\/div><\/aside>\n            <!-- Share buttons by mashshare.net - Version: 4.0.47--><p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"8\">Cyber-security experts discovered Monday a possible\u00a0data breach\u00a0within TikTok&#8217;s Chinese short-form video app TikTok. This allegedly involved up to 2 million user records.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"5\">Many cyber-security experts tweeted about the &#8220;breach of an insecure Server that allowed TikTok to access its storage. They believe this contained personal user data.&#8221;<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"1\">This is your forewarning.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"6\">The #data #breach has been reported by #\u00a0<a href=\"https:\/\/www.business-standard.com\/topic\/tiktok\">TikTok<\/a>\u00a0and there could be fallout in the next days.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"10\">&#8220;We recommend that you change your\u00a0<a href=\"https:\/\/www.business-standard.com\/topic\/tiktok\">TikTok<\/a>\u00a0password and enable Two-Factor authentication, if not already.&#8221; Tweeted BeeHive CyberSecurity.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"2\">&#8220;We have reviewed some of the data.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"3\">We have already sent warning communications to our private clients and email subscribers,&#8221; it said.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"12\">Troy Hunt, the creator of\u00a0data breaches\u00a0information site wereibeenpwned posted a thread to Twitter to confirm if the sample data was genuine.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"7\">He said that the evidence so far is &#8220;quite inconclusive&#8221;.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"4\">BlueHornet|AgaisntTheWest posted all the details on breached forums.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"14\">&#8220;Who would&#8217;ve thought @\u00a0TikTok\u00a0would choose to store all of their internal backend code on one Alibaba Cloud instance with a sloppy password?<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"11\">They posted on Twitter about how easy it was to download the data.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"18\">According to reports, a TikTok spokesperson stated that their security team had &#8220;investigated the statement and concluded that the code in question was not related to TikTok\u2019s backend source code.&#8221;<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"17\">The Microsoft 365 Defender Research Team discovered a flaw in TikTok for Android. This vulnerability allows hackers to take over short-form, private videos of millions of users who click on a malicious link.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"15\">Microsoft discovered a serious vulnerability in TikTok Android&#8217;s TikTok application that could have allowed attackers access to user accounts via a single click.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"13\">The vulnerability would have required multiple issues to be linked together to exploit.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"16\">The tech giant stated that hackers could have used the vulnerability to hijack accounts without users&#8217; knowledge if they clicked a link with a specially-crafted link.&#8221;<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"21\">TikTok has denied recent claims that it was breached. Source code and user data were stolen. TikTok told that the data posted on a hacking forum is not related to the company.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"13\">A hacking group called &#8216;AgainstTheWest&#8221; created a topic in a hacking forum on Friday, claiming that they had breached TikTok as well as WeChat.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"22\">One user shared screenshots from an alleged database that belonged to the companies. They claim it was accessed via an Alibaba cloud instance, and contained data for both TikTok users and WeChat users.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"20\">According to the threat actor, this server contains 2.05 billion records in a 790GB database that includes user data, platform statistics and software code. It also contains server information, cookies, auth tokens and server info.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"12\">Although the name AgainstTheWest might sound like a hacking group targeting Western countries, the threat actor claims that they only target countries or companies that are hostile to Western interests.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"23\">&#8220;Don&#8217;t be confused by the name, ATW targets countries that they perceive as a threat to west society. Currently they are targeting China, Russia, and have plans to target North Korea and Belarus in the future,&#8221; says CyberKnow, a cybersecurity researcher.<\/span><\/p>\n<h2><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"1\">TikTok denies being hacked<\/span><\/h2>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"4\">CSNEST has been informed by TikTok that claims of hacking the company are false.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"3\">The company also claimed that the source code posted on hacking forums was not part of its platform.<\/span><\/p>\n<blockquote><p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"15\">&#8220;This is an inaccurate claim. Our security team investigated the statement and found that the code in question was not related to TikTok\u2019s backend code. WeChat data has never been merged with it.&#8221;<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"2\">&#8211; TikTok.<\/span><\/p><\/blockquote>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"19\">TikTok told us that they could not have leaked user data due to direct scraping of their platform. They also assured us that adequate security measures were in place to prevent automated scripts collecting user information.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"7\">Although WeChat is owned by Tencent, TikTok belongs to ByteDance.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"5\">It is possible to see them in one database, which indicates that there was no breach of either platform.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"16\">The unprotected database was most likely created by a third party data broker or data scraper who extracted public data from both services, and then saved it to a single database.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"18\">These two companies are\u00a0<a href=\"https:\/\/www.smh.com.au\/politics\/federal\/home-affairs-to-review-data-harvesting-by-tiktok-and-wechat-20220902-p5bf18.html\">always<\/a>\u00a0under the scrutiny of privacy investigations by national service, so it is concerning to see such a rich cloud instance that contains both companies&#8217; data.<\/span><\/p>\n<p data-inc=\"1\"><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"14\">Troy Hunt, creator of HaveIBeenPwned&#8217;s data breach notification service, stated in a\u00a0<a href=\"https:\/\/twitter.com\/troyhunt\/status\/1566565409939427328\">thread<\/a>\u00a0that some data were valid.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"9\">Hunt was unable to find any data that was not available publicly in TikTok. This proves an internal system breach.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"17\">Bob Diachenko, a &#8220;database hunter&#8221;, also confirmed the leaks as real but could not provide any concrete conclusions regarding the source of the data.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"11\">TikTok may have to take steps to stop the leakage of data even if further investigation reveals that it is legitimate.<\/span>\u00a0<span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"10\">We asked for an additional comment on this front from TikTok, but have not received one.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"8\">As soon as new evidence becomes available, the story will be updated.<\/span><\/p>\n<aside class=\"mashsb-container mashsb-main mashsb-stretched\"><div class=\"mashsb-box\"><div class=\"mashsb-buttons\"><a class=\"mashicon-facebook mash-large mash-center mashsb-noshadow\" href=\"https:\/\/www.facebook.com\/sharer.php?u=https%3A%2F%2Fcybersecuritynest.com%2F%3Fp%3D682\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Share&nbsp;on&nbsp;Facebook<\/span><\/a><a class=\"mashicon-twitter mash-large mash-center mashsb-noshadow\" href=\"https:\/\/twitter.com\/intent\/tweet?text=&amp;url=https:\/\/cybersecuritynest.com\/?p=682&amp;via=CYBERSECNEST\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Tweet&nbsp;on&nbsp;Twitter<\/span><\/a><a class=\"mashicon-subscribe mash-large mash-center mashsb-noshadow\" href=\"#\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Subscribe&nbsp;to&nbsp;Newsletter<\/span><\/a><div class=\"onoffswitch2 mash-large mashsb-noshadow\" style=\"display:none\"><\/div><\/div>\n            <\/div>\n                <div style=\"clear:both\"><\/div><\/aside>\n            <!-- Share buttons by mashshare.net - Version: 4.0.47-->","protected":false},"excerpt":{"rendered":"<p>Cyber-security experts discovered Monday a possible\u00a0data breach\u00a0within TikTok&#8217;s Chinese short-form video app TikTok. This allegedly involved up to 2 million user records. Many cyber-security experts tweeted about the &#8220;breach of an insecure Server that allowed TikTok to access its storage. They believe this contained personal user data.&#8221; This is your forewarning.\u00a0The #data #breach has been [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":683,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[9,13],"tags":[],"class_list":["post-682","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attack","category-mobile"],"aioseo_notices":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/682"}],"collection":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=682"}],"version-history":[{"count":1,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/682\/revisions"}],"predecessor-version":[{"id":684,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/682\/revisions\/684"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/media\/683"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}