For a few days it was rumored that TikTok had been hacked and that the platform’s source code was stolen, however, the company has denied it at all times. Now it seems that stolen data due to this hack is being leaked to the Internet, although TikTok claims that the published data has nothing to do with the company. A hacker group called “AgainsTheWest” created a forum thread claiming that they had hacked both TikTok and WeChat, showing screenshots of the entire database.
How was TikTok hacked and what was stolen?
The group of hackers claim and have said so in an Internet forum, that they have managed to access a server in the Alibaba cloud where the TikTok and WeChat data are. These cybercriminals say that this hacked server contains 2 billion records in a database almost 800GB in size. What this database contains is the user data, with the username and passwords. In addition, it also has platform statistics, software code, cookies, authentication tokens in case you have authenticated through OAuth, as well as internal server information and much more. Data on payments made on the platform has also been leaked so you should be very careful with the payment information you have saved.
According to the hackers of AgainsTheWest, they only attack targets that may be hostile to Western interests, ie they attack China or Russia among other Eastern countries. However, they do not rule out attacking North Korea, Belarus or Iran in the future. In the following tweet from the cybersecurity company BeeHive, they tell us that according to their reports and investigations, it is true that TikTok has suffered a serious security breach, and that in the coming days we will see the consequences among its users.
Hours later, this company confirmed the security breach that has caused millions of data from its users to be leaked to the Internet. It seems that they have a sample of the data extracted and that they are already leaked to the Internet, in fact, both their email subscribers and private clients have been sent a message warning that their accounts could be in danger.
Days ago, in a profile related to AgainstTheWest, it was already reported that all TikTok data was in the Alibaba Cloud, and that not only did they store absolutely everything, but that the access password was weak, so they were able to access all the data really. quick and easy:
Who would have thought that @TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?
If you look on Twitter and search for “TikTok”, a large number of cybersecurity experts are checking this leak and are giving it as good, so it is essential that you take measures to avoid security risks in your account. However, from the company they continue to deny that they have been hacked, so we must take this information with caution until everything is known.
What to do to protect yourself from this leak?
Although all the data of your users is already on the Internet in the deep web, and we are sure that many cybercriminals want to get hold of this data, it is possible to protect yourself from attackers who try to enter your account. Next, you have the only thing that is in your power to do:
- Change the access password to your TikTok account. Choose a completely different password than the previous one. If the password you previously used was shared with some other service, you will also need to change the password on these other services for security, as it is highly possible that these cybercriminals will test these passwords against other services as well.
- Turn on two-step authentication on TikTok to add another layer of security.
- Force sign out of all your devices, and sign back in to all of them.
As an additional security measure, it is essential that you be very alert in case there are payments on the Internet with your debit, credit or PayPal card associated with any TikTok service, because these payment details have also been leaked and possibly used by cybercriminals to rob you
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.