TikTok, a sensation among the teenage folks, especially the dancing loving females, has stuck in a latest data breach controversy. According to a user named BlueHornet who tweeted on September 4th,2022, an exposed server named ‘Cabinet’ has led to the data breach of over 34GB worth of data and it could be more, as the breach history unfolds more.
Despite clear-cut denial of TikTok, those who accessed the data leaked by a cloud storage platform have confirmed that the information truly belongs to the business arm of ByteDance and apparently, there is a high possibility that financial information of over 1 billion users was also compromised.
BlueHornet claims that the breach is a lot bigger than expected as the hacker who had access to the server extracted over 2 billion user records including the backend source code.
Troy Hunt of ‘Have I been pwned’ and a former Regional Director of Microsoft did an analysis of the data samples available on the dark net and confirmed that they truly belonged to genuine user profiles. However, Troy felt that the extract data was a small portion through which profile data were constructed.
Bob Diachenko, a security analyst at Security Discovery, stated that the breach could have originated after the threat actors took control of servers belonging to Hangzhou Julun Network Technology that provided financial tech processing support for TikTok.
NOTE- Interestingly, the data leak took place just a week after Microsoft found a high-severity vulnerability in the video processing servers of TikTok.