A hacking crew claims it warned TikTok, got ghosted, and is now unleashing nearly a million users' passwords. TikTok questions the legitimacy of the claims.
A group calling itself R00TK1T ISC CYBER TEAM just lobbed a grenade, claiming to have snatched 972,000 TikTok users' passwords. As the attackers claimed, no one at TikTok answered their DMs, so they’re making good on their threat to leak a massive sample set.
“We warned Bytedance and TikTok, but their silence speaks volumes. Despite our clear message, they have ignored the cries of users locked out, suspended, or erased from the platform,” the group posted in their communication channel.
“Today we’re dropping a sample of 927K TikTok users into the wild,” they add. If the leak proves to be legit, it could mean mass account takeovers, phishing sprees, or even identity theft at scale.
However, these so-called “leaked databases” are often compiled from outdated information, recycled data from old breaches, or just fabricated data. A TikTok spokesperson echoes the same sentiment.
The company told Cybernews that its teams are actively reviewing this claim.
"These kinds of claims occasionally surface across all platforms. While they’re often designed to sound alarming, they typically fall apart under scrutiny,” the spokesperson said.
“We're continuing to investigate, and if we identify any valid impact to TikTok user accounts, we’ll take appropriate steps to protect our community,” the spokesperson said.
Owned by Chinese tech giant ByteDance, TikTok has over a billion users worldwide. The platform has been under a microscope for years, from its data collection practices to its alleged ties to Beijing. The US has threatened to ban it multiple times, citing national security.
Updated on April 25th with the company's statement.
Your email address will not be published. Required fields are markedmarked