A new exploit has emerged on TikTok, compromising the official accounts of Paris Hilton, CNN, and others, as reported by Forbes. This exploit spreads via direct message and doesn’t require any download, click, or response beyond opening the chat. The extent of affected accounts remains unknown.
Interestingly, the hacked accounts are not actively posting content. A TikTok insider told Forbes that these compromised accounts “do not appear to be posting content.” TikTok acknowledged the issue in a statement to The Verge, stating they are “aware of a potential exploit targeting a number of brand and celebrity accounts” and are “working directly with affected account owners to restore access.”
CNN’s Response to the Hack
Semafor reported that CNN’s TikTok account had been hacked, prompting the network to disable it. It is unclear if this is the same exploit affecting other high-profile accounts. CNN mentioned that it is “working with TikTok on the backend on additional security measures.”
CNN staff informed Semafor that the network had “grown lax” in digital safety practices, with numerous employees having access to the official TikTok account. However, another source suggested that the breach was not due to someone gaining access from CNN’s end. Further details are awaited, and updates will follow as more information becomes available.
This is not TikTok’s first major security issue. In 2023, the company reported that around 700,000 accounts in Turkey were compromised due to insecure SMS channels used in its two-factor authentication process. In 2022, Microsoft researchers found a vulnerability that allowed hackers to overtake accounts with a single click. Later that year, an alleged security breach purportedly impacted more than a billion users.
Related News:
Featured Image courtesy of Lam Yik/Bloomberg