According to Forbes, a recently discovered exploit on TikTok has compromised the accounts of celebrities and brands, including Paris Hilton and CNN. This malicious element reportedly spreads through direct messages and doesn’t require users to download anything, click on links, or even respond – simply opening the message seems to be enough.
The exact number of affected accounts remains unknown. However, reports indicate that the compromised accounts haven’t been used to post any unauthorized content.
TikTok acknowledges the issue and is working directly with impacted users to restore access. They’ve also confirmed their awareness of “a potential exploit targeting a number of brand and celebrity accounts.”
This incident raises concerns about lax security practices. News outlet CNN, whose account was compromised and subsequently disabled, reportedly had a large number of employees with access to their TikTok account. While specifics are still emerging, some sources suggest the breach might not be due to a security lapse on CNN’s end.
This isn’t TikTok’s first brush with security vulnerabilities. In 2023, the platform addressed a compromise affecting roughly 700,000 Turkish accounts due to weaknesses in SMS-based two-factor authentication. Additionally, security researchers identified exploits in 2022 that could grant hackers control of accounts with a single click. The same year, another alleged breach reportedly impacted over a billion users.
