TikTok Hack Targets ‘High-Profile’ Users via DMs

TikTok has confirmed a “potential exploit” that is being used to go after accounts belonging to media organizations and celebrities, including CNN and Paris Hilton, through direct messages.

TikTok says it's currently taking steps to mitigate a cyberattack that's targeting a number of high-profile users through direct messages, in an attempt to hijack their accounts.

“We have taken measures to stop this attack and prevent it from happening in the future. We're working directly with affected account owners to restore access, if needed,” says Jason Grosse, a spokesperson for TikTok’s privacy and security team.

Grosse says TikTok is still investigating the attack and could not comment at this time about its scale or sophistication, describing the threat as merely a “potential exploit.”

TikTok’s acknowledgment followed a report on Tuesday claiming CNN's account had been temporarily breached last week. Citing an anonymous source at the news organization, Semafor reports that the breach did "not appear to be the result of someone gaining access from CNN's end." CNN did not immediately respond to WIRED’s request to comment.

Concerns over hacking attempts targeting news organizations in the US are particularly high given the impending presidential election this fall.

Forbes reported earlier in the day that the account of hotel heiress Paris Hilton was similarly affected, citing sources within the company. A source at TikTok tells WIRED that Hilton’s account was targeted but had not been compromised.

Security and privacy concerns around TikTok expand beyond cyberattacks by malicious actors. The company itself is fighting to remain available in the United States after US president Joe Biden signed a law in April that forces its parent company, China-based ByteDance, to sell TikTok or face a ban. TikTok and several users have sued the US government, claiming the law is unconstitutional on First Amendment grounds.

Update 3:30 pm ET, June 4, 2024: A TikTok spokesperson tells WIRED that the company has detected only two accounts compromised by the attack, including CNN’s.