Security News > 2022 > September > TikTok denies security breach after hackers leak user data, source code

TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "Completely unrelated" to the company.
The user shared screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.
"This is an incorrect claim - our security team investigated this statement and determined that the code in question is completely unrelated to TikTok's backend source code, which has never been merged with WeChat data." - TikTok.
TikTok also told us that the leaked user data could not result from a direct scraping of its platform, as they have adequate security safeguards to prevent automated scripts from collecting user information.
Troy Hunt, the creator of the HaveIBeenPwned data breach notification service, confirmed in a Twitter thread that some of the data were valid.
"Database hunter" Bob Diachenko has validated the leaked user data as real, but couldn't provide any concrete conclusions about the origin of the data.
News URL
Related news
- Hackers lurked in Treasury OCC’s systems since June 2023 breach (source)
- From likes to leaks: How social media presence impacts corporate security (source)
- Western Sydney University discloses security breaches, data leak (source)
- CISA warns of increased breach risks following Oracle Cloud leak (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Luna Moth extortion hackers pose as IT help desks to breach US firms (source)
- Twilio denies breach following leak of alleged Steam 2FA codes (source)
- Russian hackers breach orgs to track aid routes to Ukraine (source)
- Chinese hackers breach US local governments using Cityworks zero-day (source)