On the cusp of Turkish President Recep Tayyip Erdoğan’s controversial re-election, TikTok’s acting security chief, Kim Albarella, received a grave report: around 700,000 TikTok accounts in Turkey had been compromised.
Hackers had exploited a vulnerability, known for over a year, enabling them to gain access to users’ personal information and seize control of their accounts.
This security loophole, identified by the UK’s National Cyber Security Centre, was caused by the ‘greyrouting’ of SMS messages through unsecured channels – a cost-saving measure known to compromise the security of messages.
Investigations confirmed that TikTok’s parent company, ByteDance, had been using greyrouting to cut costs.
Despite the security risks, the company refrained from switching SMS messaging providers to avoid incurring additional expenses – a decision that has now proved costly, both reputationally and potentially legally.
TikTok: Between Negligence Claims and Potential Political Implications
While the full extent and implications of the breach remain unclear, this incident signifies the largest known compromise of genuine TikTok accounts.
Former Facebook security chief, Alex Stamos, noted that SMS hijacking attacks are often targeted rather than randomly executed, with authoritarian states frequently wielding control over telecommunications.
This highlights the potential for politically motivated misuse of compromised accounts, especially ahead of key elections.
In response, TikTok insisted that they had not been ‘hacked,’ stating that no internal systems were compromised and no company data exposed.
But the trust breach leaves a daunting question – what does it mean for an app holding global popularity and influence when it fails to protect its user’s data?
Data Protection and Censorship: TikTok Amidst Political Pressures
The situation gets murkier given Turkey’s political climate. President Erdoğan has a history of employing state-sponsored troll networks to hack and intimidate critics.
Coupled with accusations of leveraging deepfakes and censorship to sway voters, the potential for misuse of compromised TikTok accounts cannot be dismissed.
However, internal investigations at TikTok found no evidence of activity related to the Turkish elections.
To be clear: we do not know whether this breach had anything to do with politics, or whether it targeted dissidents or aimed to surveil users or spread propaganda or anything like that. But if this one didn’t, it’s only a matter of time until one does. https://t.co/vmtoufm0v9
— Emily Baker-White (@ebakerwhite) July 18, 2023
This incident underscores the increasing power and responsibility held by major tech companies.
As providers of platforms with far-reaching influence, these companies play significant roles in shaping markets, cultures, and even election outcomes.
This holds especially true in regions with records of human rights violations and in the run-up to significant political events.
Consequently, TikTok’s lax approach to user data security sparks concern among regulators and users alike.
The TikTok episode sheds light on the looming question of data security and responsibility of tech giants in an increasingly interconnected world.
With growing political interest in social media platforms and the potential for manipulation, the stakes have never been higher.
RELATED:
- Know Who Perpetrated the $415 Million FTX Hack? ‘Dox-to-Earn’ Platform Arkham Wants to Pay You $70,000
- Vatican’s AI Ethics Book: Guiding the AI Revolution
- How Much Harm Are ‘Finfluencers’ Doing to Retail Investors? UK Regulator Says They Need More Oversight
What's the Best Crypto to Buy Now?
- B2C Listed the Top Rated Cryptocurrencies for 2023
- Get Early Access to Presales & Private Sales
- KYC Verified & Audited, Public Teams
- Most Voted for Tokens on CoinSniper
- Upcoming Listings on Exchanges, NFT Drops