Popular short-form video sharing platform TikTok suffered a data security incident after a hacker group, AgainstTheWest gained access to an internal cloud server containing its source code and user information.
The accessed database was hosted on a Alibaba cloud instance, and hold over 2 billion records in a 790 GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and more.
Source: url should be: https://www.secureworld.io/industry-news/tiktok-denies-data-breach
TPRM report: https://scoringcyber.rankiteo.com/company/tiktok
"id": "tik213327922",
"linkid": "tiktok",
"type": "Breach",
"date": "09/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Social Media',
'name': 'TikTok',
'type': 'Company'}],
'attack_vector': 'Unauthorized Access to Cloud Server',
'data_breach': {'number_of_records_exposed': '2 billion',
'type_of_data_compromised': ['user data',
'platform statistics',
'software code',
'cookies',
'auth tokens',
'server info']},
'description': 'TikTok suffered a data security incident after a hacker '
'group, AgainstTheWest, gained access to an internal cloud '
'server containing its source code and user information.',
'impact': {'data_compromised': ['user data',
'platform statistics',
'software code',
'cookies',
'auth tokens',
'server info'],
'systems_affected': ['Internal cloud server']},
'threat_actor': 'AgainstTheWest',
'title': 'TikTok Data Security Incident',
'type': 'Data Breach'}