Tag Archive for: denies

TikTok denies security breach after hackers claim to have records of more than a billion users


TikTok has denied a security breach after posts on hacking forums claimed to have compromised the app’s source code, as well as account details of potentially billions of people. In a statement posted to Twitter, the company said it “found no evidence of a breach,” following an investigation of the claims. The company also told Bloomberg UK that the alleged source code posted by the hackers “is completely unrelated to TikTok’s backend source code.”

Claims of a potential breach had been circulating among the security community after a post on a hacking forum to be in possession of a database with more than two billion entries related to TikTok and WeChat accounts. The hacking group claimed to have obtained the TikTok records from an insecure cloud server.

The supposed hackers published a sample of the TikTok data but, as security researcher Troy Hunt , it contained data that was already publicly accessible and thus “could have been constructed without breach.” Hunt, who runs the “haveibeenpwned” service, the data was overall “pretty inconclusive.”

While TikTok has strongly denied a breach, the info in the database could have come from other means. As Bleeping Computer , it could be the result of a data broker or some other third-party that scraped publicly-available data from the service.

Claims of a security breach come just days after Microsoft researchers that they had found a “high-severity vulnerability” in TikTok’s Android app that put millions of accounts at risk. Microsoft said the vulnerability was fixed less than a month after it alerted TikTok to the issue in February of 2022. TikTok has long faced questions about its and what user data is shared with parent company ByteDance. The company said last month that Oracle would review its algorithms and content moderation systems in an effort to assuage concerns.

Source…

Tech Bytes: Meta is fined, Tiktok denies hacking, new Apple Watch Pro


Meta’s big fine. Facebook’s parent company has been hit with a 400-million dollar penalty, for breaking European Union data privacy rules, because of its treatment of children’s data on Instagram. Meta says it plans to appeal the fine, setting up what could be a lengthy legal battle.

Tiktok is denying reports that it’s been hacked. A hacking group claims it breached the platform and accessed more than two billion records, including user data. But Tiktok says it found no evidence of a security breach.

Images of what may be the new Apple Watch Pro are making their way around the internet, and they appear to show the reports about a new button on the device are true. However it’s purpose isn’t known. The pictures also appear to show both a larger display and casing.

Source…

TikTok denies breach after hacker claims to have user data and source code


TikTok has denied a claim that it had been breached after a hacker on a popular hacking forum claimed to have obtained both user data and source code from the popular service.

A hacker going by the name of “AgainstTheWest” claimed to have breached TikTok on Breach Forums on Sept. 3 and stolen data from the Chinese instant messaging app WeChat as well. The hacker shared screenshots of alleged databases belonging to the companies and claimed they contained 2.05 billion records of more than 790 gigabytes.

AgainstTheWest claimed to have obtained the data from an Alibaba Group Holding Ltd. cloud instance. Given how often data breaches occur with exposed Amazon Web Services Inc. cloud instances, the claim is believable, but doubts followed shortly after that.

In response to the claimed data breach, TikTok said the claim is false and the source code shared by the hacker isn’t part of its platform. “This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data,” a spokesperson for TikTok told Bleeping Computer today.

However, some of the user data in the alleged data breach has been found to be legitimate. Troy Hunt from HaveIBeenPwnd tested the data and found some matches.

TikTok confirmed the presence of some data, adding that it could not have been a result of direct scraping of its platform. Bleeping Computer suggests that the data may have been gathered by a third-party data scraper or broker who scrapped publicly available data.

Notice on Breach Forums

Breach Forums, a successor site to the now shut-down RaidForums, has banned AgainstTheWest for “lying about data breaches.” The move is surprising given that the forum is a cesspool of data breaches, ransomware leaks and other stolen material. Still, perhaps there is honor among thieves when someone makes a…

Source…

Qihoo 360 Denies Rumor of Disguised Layoffs – Pandaily


Reports surfaced Monday suggesting that Chinese internet security firm Qihoo 360 has recently laid off employees from several departments in a disguised manner.

According to the reports, an employee disclosed that the company had persuaded some staff members to quit after accusing them of clocking in and out on behalf of their colleagues. The source said that severance certificates and background checks could be affected if the staff members refused to leave. The HR department even reportedly persuaded pregnant women to leave, claiming that they would be compensated for leaving on their own initiative. The source also indicated that as the company is quite large, the layoffs involve almost all departments. The only difference is the precise number of staff laid off in each department. In addition, downsizing also involved the director and department leaders.

In response to the reports, Qihoo 360 said that the firm has discovered recent cases of a few staff members punching in and out on behalf of others during routine attendance checks. The phenomenon was allegedly confirmed through various multi-channel verification methods. Firm representatives categorized the “fake punching” as cheating, adding that such behavior severely violates the company’s regulations and values. Therefore, Qihoo 360 claimed it is handling the matter in accordance with the law, and that there is no such thing as “disguised layoffs” or forcible dismissal of pregnant staff.

Qihoo 360, founded in 2005, focuses on free internet security services and has released products such as 360 Security Guard, 360 Mobile Security and 360 Security Browser. In January, 2022, the company estimated net profit attributable to shareholders to be about 823 million yuan to 991 million yuan ($129 million-$156 million), a decrease of about 65.98%-71.75% year-on-year.

SEE ALSO: China Internet Security Service Provider Qihoo 360 Suffers Sudden Malicious Attack

Ever since the beginning of this year, many leading Chinese internet companies have grappled with reports of mass internal layoffs, including Didi, JD.com, Alibaba, and Tencent. One recent example was the granting of “graduation notices” – in effect,…

Source…