Security Breach Allegations Hover Over TikTok
Hacking Group AgainstTheWest Claims to Have Leaked User Data and Source Code.
On Friday, September 2, 2022, information emerged on a hacking forum about a data breach that affected the TikTok and WeChat social networks. TikTok representatives firmly denied the allegation of stolen data.
The claim was made by AgainstTheWest, a hacking group that posted screenshots of a database supposedly extracted from the two companies.
An Alibaba cloud instance was identified as containing a huge 790GB database with 2.05 billion records. The extracted information includes, but is not limited to: user data, platform statistics, software code, cookies, auth tokens, and server info.
Who is AgainstTheWest (ATW)?
AgainstTheWest appears to be a gang of six hackers, active since October 2021, that started a crusade against organizations they perceive as hostile to the West.
“Don’t let the name confuse you, ATW targets countries they perceive to be a threat to western society, currently they are targeting China and Russia and have plans to target North Korea, Belarus and Iran in the future”, according to CyberKnow.
WeChat and TikTok are indeed both Chinese firms, but they belong to different owners: WeChat is owned by Tencent, and TikTok by ByteDance. This suggests that the common database that was posted may have been created by a third actor rather than obtained by directly breaching the two platforms.
The two companies are constantly in the spotlight of privacy investigations by national services, so the discovery of such a rich cloud instance containing both companies' data raises suspicions.
Was There a Data Breach or Not?
TikTok responded to the information about the data breach and called all the allegations false, stating that the source code posted by the hackers is not part of the social network platform.
“This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data.” – TikTok told BleepingComputer.
The social network's experts further argue that they have implemented appropriate security precautions to stop automated scripts from accumulating user information.
Independent parties such as Troy Hunt and Bob Diachenko have also weighed in.
Bob Diachenko, a database hunter, validated the leaked database as legitimate, but could not confirm the breach because he could not trace the origin of the data.
Troy Hunt, the creator of the HaveIBeenPwned data breach notification service, confirmed in a Twitter thread that some of the data were valid. However, Hunt could not find anything that is not publicly available on TikTok and that would thus prove a breach of internal systems.
The case is still unfolding, but if the stolen data prove to be real, TikTok will have to work to reduce the effects of the leak even if it was not caused by a data breach.
This event comes at a time when the social network platform has been in the public eye over issues of data privacy and security.