Hacktivists claim the siphoning of a huge mass of TikTok data. But it would actually be open access data that was probably collected by a third party.
Last Friday, a group of hacktivists called “Against The West” (ATW) boasted in a forum of having siphoned off more than two billion data from TikTok and WeChat. Their database is said to be around 790 GB and contains user data, audience statistics, source code, cookies, authentication tokens, configuration data, etc.
“Who thought that @TikTok would decide to store all the internal source code of their backend systems on an Alibaba cloud instance using a weak password? », ATW had written in a tweet dated September 3. In view of the samples of data that have circulated, the reality is obviously quite different. In a press release, TikTok refuted any intrusion into their information system. ATW’s data would in fact be public.
“Our security team found no evidence of a security breach. We have confirmed that the sample data in question is all publicly available and did not come from any compromise of TikTok systems, networks or databases. The samples also appear to contain data from one or more third-party sources not affiliated with TikTok. We don’t believe users need to take proactive action, and we remain committed to the safety and security of our global community.”explained TikTok to Forbes.
Shadow areas persist
What do we really find in this silo of data? According to the analyzes of the security researcher Troy Hunt, TikTok’s data is a mix of production data and test data. But the origin of these data remains obscure. For his part, the security researcher Bob Diachenko found technical clues that point to a third-party company called Hangzhou Julun Network Technology. But if she is the source, why is she collecting so much data? For marketing purposes? Or would it be for monitoring and tracking?
Many gray areas still remain in this story. On the side of ATW, it is also radio silence for the moment. The group was kicked out of Twitter and the forums it used. But it will certainly reappear one day. In a maintenance carried out last January, these hacktivists explained that they primarily target the so-called enemies of the West, namely Russia, China, North Korea, Belarus and Iran. And clearly, they want to be talked about.