Making Sense of the TikTok “Data Breach”
September 8, 2022
On September 3 around 9pm, a user by the name of AgainstTheWest started a thread on breached.to titled “The Tiktok & WeChat breach”. Breached.to, better known as Breach Forums, is a site where data leaks are uploaded and even purchased. AgainstTheWest posted screenshots of a supposed data breach from two Chinese-owned applications, TikTok and WeChat. TikTok is a popular social media platform used across the globe, while WeChat is a state-sponsored messaging app mainly used in China. The latter can also be used for vlogging and making payments, which means that potential data leaks are especially concerning.
It’s important to note that AgainstTheWest (ATW) has been banned on both the Breached forums and on Twitter. The owner of Breached has stated that it’s not the first time the user has made “outrageous claims” regarding large-scale data leaks. The first time ATW did this was in May 2022, when ATW claimed to have accessed personal information from Russian generals, with the help of Anonymous, due to a data leak. This claim was later disproved by a user on Telegram. Despite this incident, many have studied a sample of the supposed breach to see if there is any credibility to ATW’s recent claims.
Considering how many users are on TikTok and the amount of safety concerns that surround the app, it’s no surprise that this news spread like wildfire. However, the validity of these claims has come into question. Some claim that the breach is true, others state that it’s not a sensitive data breach, and the rest outright dismiss it.
Much of the conversation regarding the alleged data breach took place on Twitter. Initially, the news about the leak gained traction when a cyber security research team by the name of BeeHive CyberSecurity confirmed the data breach.
Troy Hunt, a Microsoft Regional Director who’s also heavily involved in Microsoft’s Developer Security, looked into the alleged breach. In his Twitter thread, he went through a sample of the supposed data breach for TikTok and found that the data was legitimate. However, the data could have easily been dug up in other ways, as it is publicly accessible. Hunt found that certain files looked fake and that others containing PayPal info couldn’t be verified. Hunt attempted to verify the WeChat data but was unable to do so due to a lack of access. Still, Hunt managed to identify made-up file names and locations. Hunt came to the conclusion that the alleged data breach was a very mixed bag but ultimately dismissible because of a lack of evidence.
After analyzing the data samples, Twitter user Volodymyr “Bob” Diachenko, a Security Researcher and Consultant, confirmed that TikTok suffered a partial data breach. In his thread, he tried to find the origin of the alleged data breach. Diachenko made an interesting find, stating that most of the data came from a third-party source called “Hangzhou Julun Network Technology Co., Ltd.”. This raises an even bigger question: why does this source have so much data saved from TikTok and WeChat?
WeChat has not sent out a response regarding the data breach claims. TikTok has openly and firmly denied the hacking allegations. However, whether TikTok is being truthful or not remains in question. Could it be that they don’t want to admit to a breach because it could reveal bad security practices and illicit data collection? Is the breach too fresh to properly identify? Concerns still linger regarding TikTok’s online privacy practices, especially at the federal level. In recent related news, President Joe Biden discussed plans to carry out government action to prevent data collection from Chinese-owned apps like TikTok.
The most important question remaining is: what should be taken from all this? The biggest takeaway is that data breaches are not uncommon, especially in today’s world, where cyber attacks have become more and more powerful. Therefore, it’s imperative that everyone takes extra steps to keep their information secure on the internet. Enabling two-factor authentication can do a lot to prevent unauthorized access to accounts. Keeping sensitive information away from sites and apps that aren’t considered secure is a great way to avoid suffering any privacy threats from data breaches. Finally, it’s wise to use different passwords and to change them regularly. It is rash to share the same password for an online banking account and a MyPanera account.
Regarding the alleged TikTok and WeChat breach, as of right now it remains uncertain whether the breach involved sensitive, non-public information. The best course of action to take is to continuously practice the previously mentioned online security measures.