Min menu


TikTok vulnerability caused users to post sensitive personal information


On the day we learned that the phone numbers of more than 500 million Facebook users are being sold by a robot on Telegram, another vulnerability in another social network now identifies that users' personal data is at risk.
In this case, there is a security flaw discovered in TikTok short video application, in the function of "find friends", according to security company Check Point, any user can get huge information from public data such as username, profile URL, profile picture or an avatar ... But also other more sensitive information such as phone numbers and some account information.

As The Security Company explained, this information could have been used to manipulate user accounts or to create a database of user information to sell to third parties or with malicious intent.

TikTok could have already solved this security flaw, but it was already possible to collect data for harmful purposes. According to Check Point alert, data can be used to trick users into phishing tactics and seize their bank statements, for example. "Our recommendation for TikTok users is to publish as little as possible their personal data," says Ikram Ahmed, a spokesman for Security Check Point.

For its part, the Chinese social network TikTok thanked the security company's researchers for reporting the error. This is not the first time TikTok has suffered from a vulnerability of this kind related to the safety of users. In the same month, another vulnerability was found that allows users to send messages with malicious links even if they are not contacts in the app.

Link source:https://www.cnet.com/news/tiktok-vulnerability-left-users-private-information-exposed/