In the midst of talks about TikTok being breached, many users of the app are wondering if their data is safe on the app.
TikTok itself has denied the reports after a hacking group posted images of what they claimed to be a TikTok database that contains the platform’s source code and user information. Even though the social media platform has denied the breach, many are still wondering if their data is safely handled by TikTok.
This has also drawn a divide among the cybersecurity space with some claiming that the data leak allegations are true, while others, claim that the information posted by the hacker group could be accessed without a breach.
TikTok is a globally known social media app, with more than a billion users a month, it makes an enticing lure for cybercriminals who seek to compromise users’ account and steal sensitive data. Whether it was breached or not, it is clear that a platform as big as TikTok faces a high risk of data breaches and we need to ensure we are safe as we use these social media platforms.
If the allegations on the Breach Forums message board are true, this could be a serious issue for many users. If alleged database records are user login credentials, the consequences can range from increased activity by attackers sending them spam or phishing messages, which already carries the risk of losing banking details and personal information, to even hacking into an account at TikTok.
Since many celebrities and bloggers use TikTok as their main source of communication with their audience, cybercriminals may be able to compromise them by publicizing private videos, sending messages, and uploading videos on their behalf. The extent of the consequences depends on how the company handles passwords – if they hashed and salted, it makes it much likely.
“Kaspersky recommends TikTok users, who are worried that their account credentials may have been compromised, to change their password. With Kaspersky Password Manager, you can monitor the security of all your passwords in real-time. To reduce the risk of someone taking over your account, Kaspersky also advises to implement two-factor authentication, which is a great policy for any online account,” comments David Emm, principal security researcher at Kaspersky’s GReAT.