A major data leak has affected several prominent social media platforms, including TikTok, Instagram, and Yahoo. The breach reportedly involved a 178GB TikTok database, over 17 million records of Instagram accounts, and a leak of Yahoo! account information.
The SOCRadar Dark Web Team discovered significant database breaches in these social media networks and also detected unauthorized admin access to a Spanish online store and the Mexican Youth Institute (IMJUVE) database being offered for sale.
The data leaked from the TikTok database is believed to be in JSON format and originated from tiktok.com. Although the exact date of the leak is uncertain, it is estimated that approximately 178GB of data were exposed.
Another threat actor allegedly leaked similar information during the same week, stating that the data dates back to 2022, suggesting the possibility of older records.
The Instagram data leak reportedly includes over 17 million records in JSON format, containing usernames, email addresses, phone numbers, locations, and names. Experts believe that the data may have been obtained from open sources.
Reports indicate that a potential breach of Yahoo! account information has been uncovered, although specific details about the extent and impact of the breach have not been disclosed. Additionally, there have been attacks on the Instituto Mexicano de la Juventud (IMJUVE), with the threat actor claiming to have complete access to the website’s database for sale and offering over 3,000 recordings.
Furthermore, unauthorized admin access to a Spanish online store has been found to be illegally sold, with the threat actor advertising administrative access to the store along with the number of orders in May and June.
The data leak poses a significant security risk for individuals and businesses, as sensitive information such as emails, texts, and social media posts can fall into the wrong hands.
It is crucial for users to prioritize their online security by adopting strong passwords and exercising caution when dealing with suspicious emails or communications.
