TikTok reports security flaws on platform that could lead hackers to steal data

TikTok reported security flaws on its video-sharing platform that may have let hackers add or delete videos, change privacy settings and steal personal data.

The platform said that the malfunctions were fixed after they were highlighted to developer ByteDance by researchers at security firm Check Point.

The researchers informed ByteDance of the problems in November.

Check Point found that it was possible to spoof text messages to make them appear to come from TikTok. Once a user clicked the fake link, a hacker would have been able to access parts of their TikTok account.

"Like many organisations, we encourage responsible security researchers to privately disclose zero-day vulnerabilities to us," TikTok said in a statement.

"Before public disclosure, Check Point agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage further collaboration with security researchers."

The vulnerability is likely in place for most of 2019 and said that it “raised questions” as to whether hackers had discovered it.

Check Point added that the vulnerability was in place for most of 2019, and said this raised "serious questions" about whether any hacker had discovered it.