TikTok’s security team is tackling an issue that enabled hackers to breach several high-profile celebrity and brand accounts on its platform, including those of Paris Hilton, CNN, and Sony. The ByteDance-owned app did not disclose details about the nature of the attack or the mitigation tactics used, only stating that measures were taken to halt the attack and prevent future incidents.
The attack, as reported by Semafor and Forbes, seemed to involve malware sent through TikTok’s direct messages, potentially restricting account owners from accessing their profiles. The hacker’s motives were not immediately apparent, as no content had been posted from the compromised accounts. Semafor indicated that CNN’s account was hacked last week, causing it to be down for several days. CNN stated it was collaborating with TikTok to implement additional security measures to safeguard the account, especially with the upcoming U.S. presidential elections.
When approached for comment, TikTok chose not to divulge further details about the attack or its countermeasures, to avoid alerting other potential malicious actors.
“Our security team is aware of a potential exploit targeting a number of high-profile accounts,” a TikTok spokesperson commented. “We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access, if needed.”
These attacks coincide with TikTok’s influence in the U.S. being scrutinized. Due to national security concerns, President Biden signed legislation in April mandating ByteDance, TikTok’s Chinese parent company, to sell the app or face a ban in the U.S. If ByteDance does not sell, it will become illegal for app stores to distribute TikTok once the law is in effect.
TikTok has since filed a lawsuit against the U.S. government over the law, which will result in prolonged legal battles. Interestingly, Donald Trump, one of TikTok’s initial critics and the first president to attempt banning the app in the U.S., is now using it for his campaign.