1 min reading
Tue Sep 20 2022

TikTok suffers critical third party data breach

tiktok-suffers-third-party-data-breach

The jury's still out on how this happened, but it's possible that TikTok might have stored all their internal backend source code on Alibaba Cloud, protected only by a weak password. Asides from the bad cyber hygiene, this is an example of mismanagement of a critical third party.

The company denied that there was a breach, however on September 3rd reports of a hack surfaced on Breach Forums, with the impact of a server holding 2.05 billion records in a 790GB database.

More on this story on TheHackerNews:

TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users’ Information

TikTok has denied reports of a data breach after a hacker group claimed to have gained access to information on two billion of its users.

thn.webp

The Hacker NewsRavie Lakshmanan

tiktok.webp

Ceeyu is a  SaaS platform that can help assess the security of your vendors and other third parties. By using a platform to improve your third-party risk management process, your organization can easily and quickly identify areas of risk. This data will help improve the security of risky vendors, effectively increasing yours as well.

Contact us for a demo! [email protected]

Silvana Precup Ceeyu

Silvana Precup

Author

Cybersecurity professional experienced in cross-functional roles bridging between top management, risk functions, IT and security operations teams. With a knack for TPRM and digital footprint.

Other Blogposts

Ceeyu UI

NIS2: Essential entities vs Important entities, what’s the difference?

The impact of NIS2 for essential and important entities is not much different when it comes to implementing controls to comply, as they are ...

December 11, 2023

Ceeyu UI

Does NIS2 also apply to companies regulated under DORA?

Does NIS2 also apply to companies covered by the DORA? If so, which subject is covered by which regulation? What is the difference and where...

November 13, 2024

the-eu-dora-regulation-and-third-party-risk

The EU DORA regulation and third party risk

With the DORA regulation that the EU aims to strengthen the IT security of financial services and industries. This means banks, insurance co...

July 17, 2022