TikTok is currently in the process of moving data from its US users over to Oracle infrastructure based in the country. It’s sensitive work and news that TikTok was breached is rather alarming.
Except, the news didn’t come from TikTok itself. Instead, an alleged hacker took to a hacking forum to brag about their breach. The person claimed they had infiltrated a TikTok database and siphoned the data of more than 2 billion users from the platform.
However, when analysing a sample of the data, online security research and creator of Have I Been Pwned, Troy Hunt pointed out that much of the data is publicly accessible in a length Twitter thread embedded below.
Well this is going to be interesting – has @tiktok_us been breached? https://t.co/80UGasas1V
— Troy Hunt (@troyhunt) September 4, 2022
Following analysis, Hunt concluded that the samples provided by the hacker were inconclusive in proving a breach. In addition, TikTok denied that it had been breached.
“TikTok prioritizes the privacy and security of our users’ data. Our security team investigated these claims and found no evidence of a security breach,” a spokesperson for the platform told Forbes.
And it looks as if we take that to the bank because the hacker who claimed to have had this data was banned from the forum they bragged on for “lying about data breaches”. According to reports, the hacker never provided an actual user data samples choosing only to post file samples which were just empty tables.
The common thinking amongst the cybersecurity community is that if there was a breach, it was more likely a breach of a third-party that has access to some TikTok data.
With that in mind, even with TikTok stating it hasn’t been breached, we think this is a great excuse to refresh your password just in case. The last thing you want is to stop seeing videos about corn right?
@schmoyoho intro song for any meal/snack with corn ???? – from iconic interview on @doingthings ♬ It’s Corn – Tariq & The Gregory Brothers & Recess Therapy
