2.4 billion TikTok user records leaked online, hackers claim

Published: 11 June 2026
A Tiktok anime influencer next to Tiktok's logo.
Image by Getty

A hacker is advertising what they claim is a 2.4 billion-record TikTok user data leak exposing personal user details. Our researchers believe the data could come from infostealers.

Key takeaways:
  • A hacker claims to have 2.4 billion TikTok user records, including email addresses, phone numbers, dates of birth, usernames, and in some cases full names and location data posted on a well-known data leak forum.
  • The data likely originates from infostealer malware, not a direct TikTok breach. Researchers found no specific markers tying the samples exclusively to TikTok, suggesting the records were harvested from infected devices and could be repackaged under TikTok's name to attract buyers.
  • If any portion of the data is legitimate, users face phishing, vishing, and potential account takeovers. Exposed emails and phone numbers enable targeted social engineering, and researchers speculate passwords could be included in the full dataset, opening the door to credential stuffing attacks.

Over 2.4 billion TikTok user records have just surfaced on a hacker forum – at least, that’s what the attackers claim on a data leak forum favored by threat actors.

ADVERTISEMENT

According to the post, the dataset includes users’ email addresses and phone numbers, potentially affecting a massive number of accounts. If the attackers’ claims are confirmed, the leak would impact nearly all TikTok users.

We have reached out to TikTok for comment and will update this article once we receive a reply.

Meanwhile, our researchers investigated the alleged TikTok data leak claims. According to the team, the threat actor published 10 sample records to support their claims. The samples contain sensitive user information, such as:

  • Usernames
  • Email addresses
  • Phone numbers
  • Dates of birth
  • In some cases, full names, gender information, and language or location-related fields
tikok infostealers1
Post on hacker forum claiming TikTok data. Screenshot by Cybernews

Data likely comes from infostealers

Despite the troublesome claims, the team believes the alleged TikTok data samples do not include any specific flags indicating that the data exclusively belongs to TikTok users.

However, according to our researchers, the data appears to have been stolen and aggregated by infostealing malware.

ADVERTISEMENT

Infostealer malware is designed to harvest information directly from infected devices, collecting credentials, browser data, cookies, autofill entries, and other personal information.

Large collections of infostealer logs could be repackaged and sold on underground markets under the branding of well-known companies to attract potential buyers, and the TikTok name really puts the bait.

However, based on the information that the attackers provided, our team could not verify their claims.

For one, the listing provides a download link that redirects to a private Telegram channel containing only a single member, offering little additional evidence regarding the size or authenticity of the alleged database.

“We cannot confirm there are billions of records in the leak. But the post's headline is appealing to threat actors, to say the least,” our team noted.

tiktok infostealeers 2
Another post on hacker forum claiming TikTok data. Screenshot by Cybernews

This is not the first time an alleged TikTok dataset has surfaced online. Almost at the same time, another threat actor posted on the forum alleged TikTok’s dataset with 3000 records, containing usernames, emails, and plaintext passwords per line only. The data format suggests that it’s origin might also be infostealers.

In April 2025, a hacking group claimed to have breached TikTok. They threatened to release approximately 927,000 user passwords after TikTok ignored their demands. However, TikTok told Cybernews that they questioned the legitimacy of the claims.

What risks do users face?

If the data leak is confirmed, malicious actors could exploit the stolen information in numerous ways.Attackers could use email addresses and phone numbers to craft convincing messages appearing to come from TikTok or other trusted organizations.

ADVERTISEMENT

“Users could experience some more phishing or vishing coming their way,” our researchers warned.

The team also believes the published sample may be partially redacted and that account takeover attempts are a possibility.

“The whole thing could have account passwords too, which could be used for account takeovers and credential stuffing, but this is just a speculation,” they said.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked