A while ago, news surfaced about a couple of cybersecurity experts discovering some information about “a breach of an insecure server” which is believed to have contained TikTok’s user data, and some believe that a hacking group has also breached the weChat service. Today, we explore what’s known about the incidents in question. As these incidents are still considered to be very “fresh” and “hot”, this article may be updated with new information as time goes on.
TikTok & weChat – What Are They?
At this point, TikTok is not a new platform for anyone – the service is essentially known for letting users share short video clips in the “portrait” format (videos that can be shared should have height of 1080 pixels and the width of 1920 pixels.
For some, weChat may be a little less known – it’s essentially an app that’s similar to WhatsApp that allows people to chat between themselves and make calls. WeChat also lets their users send payments between themselves by using the WeChat Pay feature. The service (weChat) was initially released in 2011 and is said to have quickly risen towards being one of the biggest applications for mobile phones user-wise. At present, it is widely believed that weChat has over 1 billion users.
The Data Breaches
On Friday, a hacking group called “AgainstTheWest” created a thread on a hacking forum where, people say, they’ve claimed to have breached both TikTok & weChat. People say that in the same thread, hackers have shared screenshots of an alleged user database and the source code of the platform. While TikTok investigated the incident, they said it’s team have fonud no evidence of a data breach and so they’ve denied the reports.
Security experts believe that TikTok got their data and source code breached due to them storing all of the source code belonging to the app on one Alibaba Cloud instance and afterwards protecting it with a weak password. Some believe that as many as 2 billion rows of records could have been stolen by the attacker. A report by SecurityAffairs suggests that the server which has been accessed by the attacker(s) might have contained 2.05 billion records and the entire size of the database was as large as 790GB.
While TikTok is known to deny the data breach, some journalists in the cyber threat intelligence space are said to have analyzed the data and they’ve stated that the TikTok data breach is real (images from Twitter):
Image 2 – the alleged database structure of the website
Some security researchers pointed out that the data likely came from “Hangzhou Julun Network Technology Co., Ltd.” rather than TikTok, but they’ve quickly raised the question: why is there so much data?
As of present, the TikTok data breach is the source of much confusion – while some security experts say that the incident is very likely to be (or even is) from TikTok, some suggest that it may just be scraped data. Some say that the source is not totally clear yet, so the theme within the security community regarding the incident at this stage is very mixed. It’s to be expected though – in our opinion, it’s still pretty early to jump into any conclusions.
The hackers are said to have received a lot of spam messages targeted towards their emails, Twitter and other social media instances about the incident and on the hacking forum, they said that they “are too busy working on the data” to be replying to everyone.
An API offered by BreachDirectory will help protect yourself and your company from data breaches like these – by running a scan through a list of known public data breaches, you will make sure that both your company, your employees, and you yourself will be on the safe side.
If you feel that your company is not ready to take the plunge yet, make sure to run a search through data breaches using the search engine to know if you’re at risk of identity theft or not, and we’ll see you in the next blog!
At this point, the TikTok & weChat data breaches are the source of much confusion – while some security experts believe that these data breaches did really occur, others are a little skeptical. It’s understandable, though – it’s still very early to jump into any conclusions regarding the incident and we hope that as time passes, more information will become available to the general public. We hope that this article has provided you with some usual information about the incident in question, and we will see you in the next one!