As it protects the personal data of over a billion users, TikTok, the short-video phenomenon that ranks among the most downloaded applications worldwide, is coming under growing scrutiny over its data security.
On Monday, a number of cybersecurity experts tweeted about the alleged discovery of a server breach that gave access to TikTok’s storage which they believe held personal user information. Only a few days prior, Microsoft Corp. reported discovering a “high-severity vulnerability” in the Android version of TikTok that “would have allowed attackers to compromise users’ accounts with a single click.”
TikTok now ranks as many young people’s favorite app after surpassing a billion monthly users a year ago. That makes it a tempting target for hackers who might try to take over well-known accounts or sell private information. The Trump administration classified it as a privacy issue in 2020. It was almost outlawed due to worries about possible connections between its Beijing-based parent firm and the Chinese government.
TikTok denied the allegations of a breach that was found over the weekend. A representative stated, “Our security team investigated into this statement and determined that the in question code is completely unrelated to TikTok’s backend source code.”
An Australian online security expert named Troy Hunt looked over a few of the data samples contained in the stolen documents and discovered matches between user profiles and videos uploaded under those IDs. However, part of the information uploaded was ‘“publicly accessible data that could have been constructed without breach.”
The vulnerability discovered by Microsoft is a more specific problem that might have affected Android-powered mobile devices. According to Dimitrios Valsamaras of the Microsoft 365 Defender Research Team, it might have enabled attackers to access and change “TikTok profiles and sensitive information, such as by publishing private videos, sending messages, and posting videos on behalf of users.”
According to a TikTok spokeswoman, the business addressed the security flaw after swiftly responding to Microsoft’s findings.
Even if the problems are minor or inconclusive, TikTok and its parent company will be the subject of great attention at a time when the US may intensify its measures against companies with ties to China.
Mobile apps under scrutiny by privacy authoritiesApple adds new categories of apps under "privacy policy requirement" for iOS 11LastPass Breach
About Us
iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app
www.iubenda.com
Generate a privacy policy now
Ready in a few steps and built to meet the needs of both website and mobile app owners
Generate your privacy policy now