Popular short-form video sharing platform TikTok has refuted claims from a hacking group that says it gained access to an internal cloud server containing source code and user information.
The hacking group, which goes by the name AgainstTheWest, shared screenshots of an alleged database belonging to TikTok and WeChat on the Breached hacking forum, according to Bleeping Computer.
AgainstTheWest, despite its name, is actually a hacktivist group that supports Western allies and targets its adversaries like Russia and China, security researcher Cyberknow explains.
The group said it accessed the database on an Alibaba cloud instance, and that the server held over 2 billion records in a 790 GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and more.
But TikTok says these claims of being hacked are completely false. The company told Bleeping Computer:
"This is an incorrect claim—our security team investigated this statement and determined that the code in question is completely unrelated to TikTok's backend source code, which has never been merged with WeChat data."
Though TikTok and WeChat are both based in China, they do not share the same parent company. And since both companies appear in the same database, it's reasonable to assume that this database does not indicate a direct breach on either platform.
So who's telling the truth? Is TikTok trying to hide a massive data breach? Or is AgainstTheWest blowing smoke up our USB ports?
Troy Hunt, the creator of HaveIBeenPwned, shared what he learned about the situation on Twitter:
"This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far." (Troy Hunt, @troyhunt, September 5, 2022)
Okay, so it might be a breach... but it might not.
Bob Diachenko, a threat intelligence researcher at Security Discovery, also shared on Twitter that he could not confirm if TikTok was breached.
However, since these two security researchers shared what they found on Twitter, the account for AgainstTheWest has been banned on the Breached hacking forum. The owner of Breached, pompompurin, shared this message:
"This thread was restored due to multiple people asking for it back. AgainstTheWest initially deleted it. Please note that the breach is not from TikTok, and that he most likely was lying or didn't even investigate it before making such outrageous claims."
TikTok also doubled down on its stance, confirming that its security team found no evidence of a security breach. A spokesperson for the company said:
"We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases.
The samples also appear to contain data from one or more third-party sources not affiliated with TikTok. We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community."
This story comes at a time when TikTok cannot afford any more public scrutiny, as there have recently been reports of TikTok employees in China accessing U.S. user information.
Follow SecureWorld News for updates on the situation.