ByteDance, the Chinese parent company of popular video app TikTok, said Thursday that some employees abusively accessed TikTok user credentials of two US journalists this summer and were no longer employed by the company.
yteDance employees accessed the data as part of an unsuccessful attempt to investigate leaks of company information and aimed to identify potential links between two journalists and company employees, ByteDance General Counsel Erich Andersen said in the email . The disclosure, previously reported by the New York Times, could increase the pressure TikTok is facing in Washington from lawmakers and the Biden administration over security concerns over US user data.
A person briefed on the matter said four ByteDance employees involved in the incident were fired, including two in China and two in the United States. Company officials said they were taking additional steps to protect user data.
Congress will pass legislation this week banning US government employees from downloading or using TikTok on their state-owned devices.
TikTok chief executive Shou Zi Chew said in a separate email to employees seen by Reuters, “This misconduct is not at all representative of our company’s principles that I know.” He said the company “will.” further improve these access protocols, which have already been significantly improved and hardened since this initiative”.
Chew said the company has been working to build TikTok US Data Security (USDS) for the past 15 months to ensure protected TikTok US user data stays in the US.
“The USDS department limits access to this data to the USDS department and has already done so in our production systems,” he said. “We are completing the migration of protected US user data management to the USDS department and have systematically cut off access points.”
ByteDance also said it is reorganizing the internal audit and risk control department, and the global investigative function will be split and restructured. The company added that it will redesign the investigative process to include a board of directors.
The US government’s Committee on Foreign Investments in the United States (CFIUS), a national security agency, has been trying for months to reach a national security agreement with ByteDance to protect the data of more than 100 million US TikTok users, but it appears to be no agreement to be reached before the end of the year.
https://www.independent.ie/business/technology/news/tiktok-employees-accessed-user-data-of-two-us-journalists-in-hunt-for-story-leaks-company-admits-42239694.html TikTok employees accessed user data from two US journalists in search of story leaks, the company admits