In recent statements about their security posture, TikTok has emphasized that “protected U.S. user data is stored in the Oracle Cloud, with controlled and monitored gateways that only approved personnel have access to”. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. As investigations continue, this incident highlights ongoing concerns about data security on major social platforms and the persistent threat posed by sophisticated threat actors in the digital landscape. R00TK1T stated they had previously warned ByteDance and TikTok about security vulnerabilities but were ignored. A hacking collective identifying itself as R00TK1T has claimed responsibility for a massive data breach affecting TikTok, allegedly exposing the credentials of more than 900,000 users. “R00TK1T has a track record of exploiting vulnerabilities across various sectors, leveraging both technical weaknesses and insider knowledge,” notes one analysis of their previous activities. However, the company has previously denied similar breach claims, stating their security teams found no evidence of security breaches in their systems. According to the group’s statements, they have released a sample of 927,000 TikTok user records into the wild, describing it as “proof of their vulnerabilities”. According to cybersecurity experts, if verified, this breach could represent a significant security incident for the platform. While the exact attack vector remains unconfirmed, previous TikTok vulnerabilities have included insecure API endpoints and inadequate server-side validation protocols. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 25 Apr 2025 10:30:04 +0000