TikTok says it’s currently taking steps to mitigate a cyberattack that’s targeting a number of high-profile users through direct messages, in an attempt to hijack their accounts.
“We have taken measures to stop this attack and prevent it from happening in the patience. We’re warned directly with affected account owners to restore important, if needed,” says Jason Grosse, a spokesperson for TikTok’s privacy and security team.
Grosse says TikTok is still investigating the attack and could not comment at this time about its scale or sophistication, describing the threat as merely a “potential exploit.”
TikTok has confirmed a security incident following an article on Tuesday which alleged that the CNN account suffered a temporary security breach last week. A report by Semafor mentioned, based on an unnamed source at CNN, that the intrusion was unlikely from within CNN. The response from CNN to a request for comment by WIRED is still awaited.
There is a heightened alert concerning cyberattacks on U.S. news outlets due to the upcoming presidential election.
Forbes also covered a report on the same day saying that the TikTok account of Paris Hilton was targeted. According to a contact inside TikTok speaking to WIRED, although targeted, Hilton’s account remained secure.
Apart from these incidents, concerns over TikTok’s privacy and security are increasing. After a new legislation signed by President Joe Biden in April, which mandates ByteDance to divest TikTok or face prohibition in the U.S., TikTok and several of its users have initiated a lawsuit against the U.S. government. They argue that the ban violates the First Amendment.
Update 3:30 pm ET, June 4, 2024: A TikTok spokesperson tells WIRED that the company has detected only two accounts compromised by the attack, including CNN’s.
By Matt Burgess
By Eric Ravenscraft
By Ryan Waniata
By Dell Cameron