Popular social video platform TikTok, which claimed to have accessed an insecure cloud server, refuted reports that it had been compromised by hackers.
“TikTok prioritizes the privacy and security of our users’ data, our security team investigated these claims and found no evidence of a security breach.”
The denial comes in response to alleged hacking reports that appeared on the Breach Forums message board on September 3. The threat actor claimed that the server holds 2.05 billion records in a massive 790GB database.
“Who would have thought that TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?” Over the weekend, AgainstTheWest, a hacker collective also known as BlueHornet, tweeted.
The breach is “real,” according to Security Discovery threat intelligence researcher Bob Diachenko, and the data is most likely to have come from “Hangzhou Julun Network Technology Co., Ltd rather than TikTok.”
Nevertheless, it’s unclear at this time exactly where the data came from and whether outside parties have access to this kind of data.
The development happens at a bad time because the company is still under fire for its data security procedures because of its connections to China.