In fact, it seems that TikTok almost had a situation on their hands because according to the security researchers at Check Point Research, they discovered a serious security flaw that would have allowed an attacker to steal user data, like phone numbers, through a feature in TikTok called “Friend Finder”.
According to the researchers, “The vulnerability could have allowed an attacker to build a database of user details and their respective phone numbers. An attacker with that degree of sensitive information could perform a range of malicious activities, such as spear phishing or other criminal actions. Our message to TikTok users is to share the bare minimum when it comes to your personal data. Update your OS and applications to the latest versions.”
TikTok has since patched the flaw, thankfully, and at this point it does not seem like it was exploited, at least not to our knowledge. In the meantime, we have seen how these types of leaks can be dangerous, where recently it was discovered that a Telegram bot was selling over 500 million phone numbers that were stolen from Facebook from back in 2019.