TikTok and WeChat data breach: Real or fake?

Sept 6 — On Friday, cyber criminal operators created a new discussion on a hacking forum, where they claimed to have breached both TikTok and WeChat, platforms that have billions of monthly users across the globe and hold what is perhaps a frighteningly large quantity of data.

The hack

The cyber criminal operators claim to have obtained more than 2 billion records in a 790GB database. Information stolen supposedly includes platform statistics, user data, software code, cookies, authentication tokens, server information and more.

For its part, TikTok has stated that claims concerning the company having experienced a hack are blatantly false. Further, the company reports that the source code shared on hacking forums isn’t part of its platform.

TikTok response

“This is an incorrect claim – our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data,” says TikTok.

Beyond that, TikTok notes that the leaked user data could not have been obtained via a direct scraping of its platform, as the company maintains security safeguards that would prevent automated scripts from pulling user information.

Further analysis

According to experts, because TikTok and WeChat are not owned by the same parent company, the fact that both companies’ data appeared in a single database indicates that there was not a direct breach on either platform.

Some suggest that the database discovered on the chat forum was created by a third-party data scraper or broker who scraped public data from both sets of servers and recorded all of it within a single database.

Because the two companies, TikTok and WeChat, are continually center stage when it comes to privacy and security of user data, the discovery of such a rich cloud instance that may or may not contain both companies’ data has raised suspicions.

Data authenticity

The creator of the HaveIBeenPwned data breach notification service, Troy Hunt, stated in a Twitter thread that some of the stolen data does appear valid. However, Hunt also wrote that he didn’t see anything that isn’t already publicly available.

Similarly, another database analyst suggested that the leaked user data is real, but he was unable to provide definitive information about the origins of the data.

In summary

Thus far, it seems that the ‘leak’ may consist of information that is already publicly available. If further analysis reveals otherwise, TikTok and WeChat may be forced to take action to mitigate security gaps.

This story will be updated as more information becomes available.