TikTok has denied recent claims it was breached and source code and user data were stolen after a hacking group posted images of what they claim is a TikTok database that contains the platform’s source code and user information. In response to these allegations, Tiktok said its team found no evidence of a security breach.
On Friday, a hacking group known as ‘AgainstTheWest’ created a topic on a hacking forum claiming to have breached both TikTok and WeChat. The account shared screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.
The hackers say the server holds 2.05 billion records in a massive 790 GB database comtaining user data, platform statistics, software code cookies, authtokens, server info and many more.
TikTok has told BleepingComputer that the claims of the company being hacked are false. Furthermore, the company said the source code shared on the hacking forums isn’t part of its platform.
“We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases,” TikTok spokesperson Maureen Shanahan said in a statement to The Verge. “We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community.”
Bleepingcomputer has also reached out to WeChat for a statement, but has not yet received a response.
While WeChat and TikTok are both Chinese firms, they are not owned by the same parent company, with the former belonging to Tencent and the latter to ByteDance.
The two companies are constantly in the spotlight of privacy investigations by national services, so finding such a rich cloud instance containing both companies’ data raises suspicions.