TikTok Hacked, Over 2 Billion User Database Records Stolen: Security Researchers

Cybersecurity researchers on Monday discovered a potential data breach in Chinese short-form video app TikTok that reportedly includes up to 2 billion user database records.

Several cybersecurity analysts tweeted about the discovery of what was a “breach of an unsecured server that allowed access to TikTok storage believed to contain personal user data.”

“This is your warning. #TikTok has reportedly suffered a #data #breach and if true there may be fallout in the coming days. We recommend that you change your #TikTok password and enable two-factor authentication if you haven’t already done so ,” tweeted BeeHive CyberSecurity.

“We have reviewed a sample of the extracted data. We have already sent out warning messages to our email subscribers and private clients,” he added.

Troy Hunt, creator of the data breach website haveibeenpwned, posted a thread on Twitter to verify whether the sample data was genuine or not. For him, the evidence is “so far quite inconclusive”.

BlueHornet|AgaisntTheWest posted all the details on the hacked forums.

“Who would have thought that @TikTok would decide to store all of their internal backend source code on a single Alibaba Cloud instance using a nonsensical password?” they tweeted and wrote about how easily they could download the data.

A TikTok spokesperson said in the news that their security team “investigated this statement and found that the code in question is completely unrelated to TikTok’s backend source code.”

The Microsoft 365 Defender research team has just discovered a vulnerability in the TikTok app for Android that could allow hackers to take over the private short videos of millions of users once they click on a malicious link.

Microsoft has discovered a very serious vulnerability in the TikTok app for Android that could allow attackers to compromise users’ accounts with a single click.

The vulnerability, which would have required the combination of several issues to exploit, has now been patched by the Chinese company.

“Attackers could use the vulnerability to hijack an account without users’ knowledge if the target user simply clicked on a specially crafted link,” the tech giant said in a statement last week.


I am Sanjit Gupta. I have completed my BMS then MMS both in marketing. I even did a diploma in computer software and Digital Marketing.

Articles: 4841

Newsletter Updates

Enter your email address below to subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: