Social media video sharing app TikTok has denied a huge security breach after a hacker claims to have the personal details of more than a billion users.
Posts on a hackers' forum claim a group of users is in possession of a database of users - including many children who use the site - from both TikTok and WeChat, popular in China.
The hacker reportedly obtained the records from an insecure cloud server, although the video-sharing app giant denies this.
A TikTok spokeswoman told the media: “Our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code."
Australian web security consultant Tory Hunt - who runs haveibeenpwned.com which allows people to check if their email or phone number has been compromised - spoke about the likelihood the claims of a data breach are real.
He said he went through some of the data samples listed in the leaked files and found matches between user profiles and videos posted under those IDs.
However some details included in the leak were “publicly accessible data that could have been constructed without breach".
He tweeted: “This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info.
"Some data is junk, but it could be non-production or test data. It’s a bit of a mixed bag so far.”
Claims of this potentially huge security breach came just a few days after Microsoft researchers revealed they found "high-severity vulnerability” in TikTok’s Android app.
Dimitrios Valsamaras from the Microsoft 365 Defender Research Team said the issue could have allowed attackers to access and modify “TikTok profiles and sensitive information, such as by publicising private videos, sending messages and uploading videos on behalf of users".
He said that millions of accounts which used the Android version of the app were at risk, but added that TikTok were quick to fix the issue less than a month after they exposed the flaw.
A TikTok spokeswoman said the company had responded quickly to Microsoft’s findings and fixed the security flaw, which was found “in some older versions of the Android app.”