IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

TikTok refutes allegations of a massive security breach

The alleged hack compromised account details of over two billion TikTok users

A man walking in front of a neon TikTok sign on an office wall

TikTok has denied being hit by a security breach after posts on hacking forums suggested the app's source code, including account details of potentially billions of users were compromised.

A database with more than two billion entries concerning TikTok and WeChat accounts had been compromised and in possession of a hacking group, according to one forum post. 

However, in a statement posted to Twitter, the company said it “found no evidence of a breach,” after investigating the claims. TikTok also stated that the alleged source code made public by the hackers “is completely unrelated to TikTok’s backend source code.”

"TikTok prioritizes the privacy and security of our users' data. Our security team investigated these claims and found no evidence of a security breach," the ByteDance-owned company told The Hacker News. 

Backing TikTok’s rebuttal, security researcher Troy Hunt tweeted, “This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far."

Even so, a threat intelligence researcher at Security Discovery, Bob Diachenko, claims that the breach is indeed "real" and allowed for a “partial users data leak”, after analyzing publicly exposed data. The data is likely to have originated from Hangzhou Julun Network Technology Co Ltd rather than TikTok, added Diachenko.

Related Resource

An EDR buyer's guide

How to pick the best endpoint detection and response solution for your business

Whitepaper cover with title and image of grey and green blocks, with the green ones connected to each otherFree Download

TikTok’s security incident comes days after Microsoft researchers discovered a “high-severity vulnerability” in TikTok’s Android app.

Last month, Oracle struck a deal with TikTok to obtain all facets of the social media firm's US user data, as well as perform data management and auditing services for the company. 

TikTok entered into negotiations with Oracle almost two years after former president Donald Trump mandated the company explore divestment options over national security reasons or risk being banned from doing business in the country.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Salesforce co-CEO Bret Taylor resigns with cryptic parting message
Business operations

Salesforce co-CEO Bret Taylor resigns with cryptic parting message

1 Dec 2022
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022