Over 900,000 users' information apparently exposed.
The R00TK1T hacking collective has claimed to have stolen a TikTok user database.
According to GBHackers News, R00TK1T has purported to erase individuals' TikTok accounts as part of the breach, with screenshots of supposed deleted account confirmations and database snippets, as well as links to the database, posted by the group on hacking forums.
Such assertions are already being investigated by TikTok, which has urged its users to adopt robust passwords, activate two-factor authentication, and avoid credential inputs on suspicious websites.
TikTok users have also been warned against clicking questionable links or downloading leaked information.
Meanwhile, increased caution about R00TK1T's claims has been sought by cybersecurity researchers, including Elena Zhou, who noted the group's reputation for embellishing their alleged breaches. "R00TK1T regularly exaggerates impact for attention. We'll need independent verification and technical analyses before confirming any widespread breach," added Zhou.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
