Pierluigi Paganini September 16, 2023
TikTok fined €345M by Irish DPC for violating children’s privacy

The Irish Data Protection Commission (DPC) fined TikTok €345 million ($368 million) for violating the privacy of children. The Irish Data Protection Commission (DPC) fined TikTok €345 million for violating children’s privacy. The Irish data regulators discovered that the popular video-sharing app allowed adults to send direct messages to certain teenagers who have no family […]

Pierluigi Paganini May 15, 2023
Former ByteDance executive alleges TikTok of wrongful conduct

A former ByteDance executive revealed that the China government has access to TikTok data, including data stored in the United. Yintao Yu, the head of engineering for ByteDance’s U.S. operations from August 2017 to November 2018, revealed that the Chinese government has access to all TikTok data, including information stored in the United. He explained […]

Pierluigi Paganini February 23, 2023
The European Commission has banned its staff from using TikTok over security concerns

The European Commission has banned its employees from using the Chinese social media app TikTok over security concerns. The European Union has banned the popular Chinese video-sharing app TikTok from the mobile devices of its employees over security concerns. The app developed by the Chinese firm ByteDance has over 1 billion active users worldwide, it […]

Pierluigi Paganini January 14, 2023
French CNIL fined Tiktok $5.4 Million for violating cookie laws

French data protection watchdog fined short-form video hosting service TikTok €5 million for breaking cookie consent rules. The Commission nationale de l’informatique et des libertés (CNIL) has fined short-form video hosting service TikTok €5 million (about $5.4 million) for violating cookie consent rules. French data protection watchdog claims that users are not able to refuse cookies, as easily […]

Pierluigi Paganini December 23, 2022
TikTok parent company ByteDance revealed the use of TikTok data to track journalists

ByteDance admitted that its employees accessed TikTok data to track journalists to identify the source of leaks to the media. TikTok parent company ByteDance revealed that several employees accessed the TikTok data of two journalists to investigate leaks of company information to the media.  According to an email from ByteDance’s general counsel Erich Andersen which […]

Pierluigi Paganini November 30, 2022
Attackers abused the popular TikTok Invisible Challenge to spread info-stealer

Threat actors are exploiting interest in a popular TikTok challenge, dubbed Invisible Challenge, to trick users into downloading info-stealing malware. Threat actors are exploiting the popularity of a TikTok challenge, called Invisible Challenge, to trick users into downloading information-stealing malware, Checkmarx researchers warn. People participating in the Invisible Challenge have to apply a filter called Invisible […]

Pierluigi Paganini November 03, 2022
Updated TikTok Privacy Policy confirms that Chinese staff can access European users’ data

TikTok updated its privacy policy for European Economic Area (“EEA”) and confirmed that its Chinese staff can access their users’ data. The short-form video-sharing service TikTok updated its privacy policy for European Economic Area (“EEA”), the UK, and Switzerland and confirmed that its users’ data can be accessed by its personnel, including Chinese employees. European user data […]

Pierluigi Paganini September 05, 2022
TikTok denies data breach following leak of user data

Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen source code and user data. The group published screenshots of an alleged stolen data, it claims to […]

Pierluigi Paganini August 31, 2022
A flaw in TikTok Android app could have allowed the hijacking of users’ accounts

Microsoft discovered a vulnerability in the TikTok app for Android that could lead to one-click account hijacking. Microsoft researchers discovered a high-severity flaw (CVE-2022-28799) in the TikTok Android app, which could have allowed attackers to hijack users’ accounts with a single click. The experts state that the vulnerability would have required the chaining with other […]

Pierluigi Paganini November 18, 2021
Phishing campaign targets Tiktok influencer accounts

Threat actors have launched a phishing campaign targeting more than 125 TikTok ‘Influencer’ accounts in an attempt to hijack them. Researchers from Abnormal Security uncovered a phishing scam aimed at hijacking at least 125 TikTok ‘Influencer’ accounts. The original phishing email used a TikTok copyright violation notice lure, the messages instructed the victims responding to […]