Hackers have allegedly taken possession of the data of 2 billion TikTok and WeChat users. Companies deny attack

TikTok, the Chinese-owned social network that has enjoyed resounding success in recent years, surpassing all Meta networks in downloads, denies that its systems were compromised. A hacker group called “AgainstTheWest”, however, claims to have hacked TikTok and WeChat’s systems, and have tried to prove it with screenshots of databases belonging to those companies. TikTok representatives deny this.

TikTok and WeChat systems compromised by hackers?

According to AgainstTheWest members, the hacker group managed to break into Alibaba’s servers where these databases were stored. The hackers say they came into possession of 790 GB of data containing user information, platform statistics, source code, cookies, authentication tokens, server information and more. In total, they have over 2 billion database entries they obtained.

TikTok told BleepingComputer, however, that the hackers’ claims are fabrications. The company has analyzed the source code published on the internet so far and claims that it does not belong to its social media platform:

“This is an incorrect claim. Our security team has investigated those claims and determined that that code is not part of Tiktok’s source code at all, and was never connected to WeChat data.”

Furthermore, TikTok representatives say that the platform could not have been scanned for data (scarping), as it has security systems specifically made to prevent this. Its customers’ data cannot simply be copied off the network.

The AgainstTheWest hackers, despite their name, are not an Eastern group attacking Western companies or systems. It only attacks companies and systems that originate from countries hostile to the West, such as China.

Those who have independently analyzed the data have confirmed that some of the data is indeed real, but its source may not be a TikTok or WeChat database, but an archive made by someone else from scanning the two networks independently. What’s more, the data obtained appears to be what is already publicly available.