TikTok Denies Data Breach Allegedly Affecting 2 Billion Users

Jamie Kavanagh
Jamie Kavanagh
September 15th, 2022

The giant that is TikTok has never been far from controversy, but this latest news could be the biggest yet. It is alleged that TikTok has been hit with a massive data breach that could impact all of its 2 billion users.

It’s important to note that TikTok denies this outright, but they would, wouldn’t they?

“We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases,” said the firm, in a statement.

“We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community.”

The breach is said to include database information, source code for the platform, and user records. Around 790GB of data has been made available all in all.

Breach, or a Shocking Status Quo

There is still some suspicion around whether the leak as due to a breach or not, but we know with certainty that at least some of the data is already publicly available.

The 790GB of data includes 2.05 billion records. Some researchers say it’s all publicly available information if you know where to look.

"This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info," security researcher Troy Hunt said in a tweet. "Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far."

The data was initially made available on the Breach Forums earlier this month, and was apparently taken from TikTok’s Alibaba cloud storage account.

Owned and operated by Chinese company ByteDance, TikTok has remained in the headlines ever since it began becoming popular in the west. As its owned by a Chinese company and subject to scrutiny from the Chinese state, the network has always been viewed with suspicion.

President Trump tried to ban TikTok in the US but failed. It did result in ByteDance moving data related to US TikTok users to servers operated by Oracle within the States.

Whatever the truth of the situation, it’s just one more example of the dangerous amounts of data collected by social networks.

While there is no need to take any action here, being aware of just what you share, when, and where is something we all need to do.

© 2023 Redact - All rights reserved