A hacking collective identifying itself as R00TK1T has claimed responsibility for a massive data breach affecting TikTok, allegedly exposing the credentials of more than 900,000 users.
According to the group’s statements, they have released a sample of 927,000 TikTok user records into the wild, describing it as “proof of their vulnerabilities”.
R00TK1T stated they had previously warned ByteDance and TikTok about security vulnerabilities but were ignored.
“We warned ByteDance and TikTok, but their silence speaks volumes. Despite our clear message, they’ve ignored the cries of users locked out, suspended, or erased from the platform,” the group declared.
According to a post on a popular dark web forum, the hackers characterized this data dump as merely “a taste of what’s coming,” threatening that “the next phase will hit harder, exposing their deepest secrets and shattering their systems”.
The released information allegedly contains usernames, passwords, and potentially other sensitive account details from the platform’s backend systems.
Cybersecurity experts say that the breach, if verified, could represent a significant security incident for the platform. The hackers claim they accessed an insecure cloud server containing user credentials and platform code.
While the exact attack vector remains unconfirmed, previous TikTok vulnerabilities have included insecure API endpoints and inadequate server-side validation protocols.
This is not R00TK1T’s first high-profile claim. The group has previously alleged successful breaches of multiple organizations, including Maxis’ network in Kulim, Nestle, and Qatar Airways. The group has a pattern of making dramatic claims that sometimes outpace verifiable evidence.
“R00TK1T has a track record of exploiting vulnerabilities across various sectors, leveraging both technical weaknesses and insider knowledge,” notes one analysis of their previous activities.
As of publication time, TikTok has not officially responded to these specific allegations. However, the company has previously denied similar breach claims, stating their security teams found no evidence of security breaches in their systems.
In recent statements about their security posture, TikTok has emphasized that “protected U.S. user data is stored in the Oracle Cloud, with controlled and monitored gateways that only approved personnel have access to”.
Security experts recommend that TikTok users take immediate precautionary measures:
As investigations continue, this incident highlights ongoing concerns about data security on major social platforms and the persistent threat posed by sophisticated threat actors in the digital landscape.