What you need to know
- The profiles of 235M TikTok, Instagram, and YouTube users have been exposed.
- A database without password protection was discovered containing all the information.
- It had been collected by a company called Deep Social and stored online without a password.
A new report says that the user profiles of 235M TikTok, Instagram, and YouTube users were exposed in a data breach after the information was collected through web scraping.
According to TNW:
According to the report, security researcher Bob Diachenko discovered not one, but three identical copies of the database on August 1. It belonged to a company called Deep Social, which doesn't seem to exist anymore. As the report notes, web scraping isn't illegal, but firms like YouTube, TikTok, and Instagram all have policies prohibiting the practice. They had not commented on the breach at the time of publication. Deep Social, for its part, stated the data collected was all public:
Whilst the individual data of someone on Instagram, TikTok, and YouTube might well be publicly accessible, I'm not sure that's the same as a collated database of 235M people.
Apparently, four major data sets included the details of some 235M users including their profile name, full name, profile photo, age, gender, and stats about how many followers the user had. You can read the full report here.
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.