TikTok has denied a claim that it had been breached after a hacker on a popular hacking forum claimed to have obtained both user data and source code from the popular service.

A hacker going by the name of “AgainstTheWest” claimed to have breached TikTok on Breach Forums on Sept. 3 and stolen data from the Chinese instant messaging app WeChat as well. The hacker shared screenshots of alleged databases belonging to the companies and claimed they contained 2.05 billion records of more than 790 gigabytes.

AgainstTheWest claimed to have obtained the data from an Alibaba Group Holding Ltd. cloud instance. Given how often data breaches occur with exposed Amazon Web Services Inc. cloud instances, the claim is believable, but doubts followed shortly after that.

In response to the claimed data breach, TikTok said the claim is false and the source code shared by the hacker isn’t part of its platform. “This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data,” a spokesperson for TikTok told Bleeping Computer today.

However, some of the user data in the alleged data breach has been found to be legitimate. Troy Hunt from HaveIBeenPwnd tested the data and found some matches.

This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It's a bit of a mixed bag so far.

— Troy Hunt (@troyhunt) September 5, 2022

TikTok confirmed the presence of some data, adding that it could not have been a result of direct scraping of its platform. Bleeping Computer suggests that the data may have been gathered by a third-party data scraper or broker who scrapped publicly available data.

Notice on Breach Forums

Breach Forums, a successor site to the now shut-down RaidForums, has banned AgainstTheWest for “lying about data breaches.” The move is surprising given that the forum is a cesspool of data breaches, ransomware leaks and other stolen material. Still, perhaps there is honor among thieves when someone makes a provably false claim.

The claim that Tiktok was breached comes after the Microsoft 365 Defender Research Team wrote on Aug. 31 about a vulnerability in the TikTok Android application that could have allowed attackers to compromise user accounts.

Described as a “high-severity” security flaw, the vulnerability was fixed by TikTok before the details were published. Although the Microsoft researchers claimed that there’s no evidence the vulnerability had been exploited, it does raise concerns that TikTok could have been previously breached.

Images: Unsplash, Breach Forums