Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source of leaks to the media, the company admitted Friday.
TikTok has gone to great lengths to convince customers and governments of major markets like the United States that users’ data privacy is protected and that it poses no threat to national security.
But parent company ByteDance told AFP on Friday that several staffers accessed two journalists’ data as part of an internal probe into leaks of company information to the media.
They had hoped to identify links between staff and a Financial Times reporter and a former BuzzFeed journalist, an email from ByteDance’s general counsel Erich Andersen seen by AFP said.
Both journalists previously reported on the contents of leaked company materials.
None of the employees found to have been involved remained employed by ByteDance, Andersen said, though he did not disclose how many had been fired.
In a statement to AFP, ByteDance said it condemned the “misguided initiative that seriously violated the company’s Code of Conduct”.
Employees had obtained the IP addresses of the journalists in a bid to determine whether they were in the same location as ByteDance colleagues suspected of disclosing confidential information, a company review of the scheme led by its compliance team and an external law firm found, according to Andersen.
The plan failed, however, partly because the IP addresses only revealed approximate location data.
TikTok has again come under the spotlight in the United States, with Congress poised to approve a nationwide ban on using the wildly popular short-video app on government devices owing to perceived security risks.
The House of Representatives could this week adopt a law prohibiting the use of TikTok on the professional phones of civil servants, a move that would follow bans in around 20 US states.
TikTok has sought to convince US authorities that US data is protected and stored on servers located in the country.
But following media reports, it has also admitted that China-based employees had access to US users’ data, although the company insisted it was under strict and highly limited circumstances.
Related: TikTok Harvested MAC Addresses By Exploiting Android Loophole
Related: TikTok Hit by US Lawsuits Over Child Safety, Security Fears
Related: Five Ways TikTok Is Seen as Threat to US National Security

More from AFP
- European Police Arrest 42 After Cracking Covert App
- Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’
- Cyberattacks Target Websites of German Airports, Admin
- Meta Slapped With 5.5 Million Euro Fine for EU Data Breach
- International Arrests Over ‘Criminal’ Crypto Exchange
- France Regulator Raps Apple Over App Store Ads
- More Political Storms for TikTok After US Government Ban
- Meta Hit With 390 Million Euro Fine Over EU Data Breaches
Latest News
- Germany Appoints Central Bank IT Chief to Head Cybersecurity
- OpenSSL Ships Patch for High-Severity Flaws
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Vulnerability Provided Access to Toyota Supplier Management Network
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- Linux Variant of Cl0p Ransomware Emerges
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
