Share this article on:
A hacking group posted images of an alleged “TikTok database that contains the platform’s source code and user information” but TikTok denied the security breach claim due to “finding no evidence of a security breach”.
Hackers calling themselves "AgainstTheWest" shared images of the alleged database to a hacking forum, claiming the data they obtained on a server used by TikTok.
The hacking group reportedly accessed the server stores of over two billion records and 790GB worth of user data, platform statistics, code, and more.
In a statement, TikTok spokesperson Maureen Shanahan asserted that the social media platform does not believe users "need to take any proactive actions, and we remain committed to the safety and security of our global community".
"We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases," Shanahan added.
Most of the "stolen" data appears to have been public-facing information scraped from the platform.
Troy Hunt, a regional director at Microsoft and the creator of the Have I Been Pwned tool, called the hackers’ data "inconclusive" but surmised "it could be non-production or test data" that likely wasn’t taken through a breach.
The hacking group claim they also obtained data from the Chinese messaging app WeChat.
However, Hunt was unable to confirm whether the hackers’ database contained stolen information, and WeChat didn’t immediately respond to requests for comment.
TikTok and WeChat have come under scrutiny over their ties to China (ByteDance, TikTok’s parent company, is based in China).
TikTok has taken several steps, such as housing American data on Oracle’s US-based servers, in an attempt to reverse recent reports about TikTok employees in China accessing US users’ information.
[Related: Hackers leveraging on AWS apps to build phishing pages]