TikTok is a wildly popular app around the world with over billion users, but a report by Check Point Research revealed there were multiple vulnerabilities in the app, which would have allowed attackers to manipulate content on user accounts and even extract confidential personal information.
According to the report, the vulnerabilities allowed attackers to send TikTok users messages that carried malicious links. Once the users clicked on the links, the attackers would then be able to take control of their accounts. It also stated that another vulnerability allowed attackers to retrieve personal information from TikTok user accounts through the company’s website.
Check Point Research states that it intimated TikTok about the vulnerabilities back on November 20. TikTok fixed all of the vulnerabilities by December 15. However, this report was released at a later date to give TikTok time to make users get updated to the latest version of the app.
Check Point Research has also filed a summary of its findings to the Department of Homeland Security in the United States. These findings will increase privacy concerns various governments had with TikTok.
TikTok has been on the radar of various governments. To recall, The Committee on Foreign Investment in the United States recently has started looking into ByteDance’s 2017 acquisition of Musical.ly, which later merged into TikTok.
Back in February, the Federal Trade Commission filed a complaint against TikTok, which states that TikTok is illegally collecting personal information from minors. According to the complaint, Musical.ly had violated the Children’s Online Privacy Protection Act, which requires online companies to direct children under 13 to get parental consent before collecting personal information. After which TikTok agreed to pay $5.7 million to settle the complaint.