Was TikTok Actually Hacked?

A hacker group claimed to have breached TikTok, but the social media platform insists all the info was publicly available.
Conor Cawley

The world's most popular social media platform may have been hacked over the weekend, exposing two billion user records, along with platform statistics and source code.

However, spokespeople for TikTok have categorically denied that the platform was breached at all, noting that all the information posted on hacker forums is publicly available.

Still, given the hegemonic rivalry between the US and TikTok's home base of China, experts are hesitant to say whether or not data was stolen from the social media platform, so the question remains: Was TikTok hacked?

The TikTok Security “Breach”

On Friday, a hacking group that goes by the name “AgainstTheWest” posted on a hacking forum that they had infiltrated TikTok. In an effort to prove this fact, the group also posted screenshots of a TikTok database containing source code and user data, along with a somewhat antagonistic tweet from a now-suspended account:

“Who would have thought that TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?”

The alleged hack was originally discovered by Bleeping Computer, who relayed that the hackers had reportedly stolen two billion user records and 790GB worth of user data, along with “platform statistics, software code, cookies, auth tokens, and server info.”

However, the plot thickened when TikTok responded to the claims with an outright denial that this kind of breach was even possible.

TikTok Denies Security Breach Reports

As the most popular social media platform in the world, TikTok was understandably quick to respond to the breach, denying that it took any information that wasn't already publicly available.

“We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases,” said Maureen Shanahan, TikTok spokesperson, in a statement to The Verge. “We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community.”

Furthermore, TikTok told Bleeping Computer that taking screenshots of its data is impossible given the security measures they have in place, and that the source code in question was not from TikTok at all.

Subsequently, it looks like TikTok may not have been breached, at least according to the company. But what did the experts have to say?

So Was TikTok Actually Hacked?

The jury is still out on whether or not TikTok was actually hacked. The company obviously denies the claims, but it certainly wouldn't be the first time a company tried to cover up a significant data breach.

Moreover, experts have looked into the claims by Tiktok and the hackers and concluded that the evidence is “pretty inconclusive.”

So, if you're a TikTok user, which a vast majority of smartphone owners are, what should you do about your account? If you're going to listen to TikTok, you don't have to do anything. According to the social media powerhouse, the breach compromised no user data, so your information is as safe as it was before the weekend.

If, however, you want to be a bit more proactive about your online security, regardless of whether or not TikTok was hacked, your best bet is to get a password manager. These tools can alert you when your passwords have been compromised, so you can avoid any future breaches. Additionally, antivirus software can be a huge help, alerting you when your device might be housing malicious software.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Senior Writer for Tech.co. For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at conor@tech.co.

Explore More See all news
close Building a Website? We've tested and rated Wix as the best website builder you can choose – try it yourself for free Try Wix today