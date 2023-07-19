As many as 700,000 TikTok accounts in Turkey had been compromised by a hack, weeks before Turkey's authoritarian President Recep Tayyip Erdogan managed to gain a slender lead in May re-election, a report in Forbes has claimed.

The report said that TikTok was informed about the potential vulnerability a year in advance, but did nothing to fix the issue. The ByteDance-owned company used 'greyrouting' of SMS through insecure channels which allowed non-state actors to allegedly gain access to TikTok accounts.

In simple terms, greyrouting means using unsecured channels to send SMS text messages. It is done so to bypass fees established by international telecommunications agreements.

In April 2022, UK’s National Cyber Security Centre, a division of the intelligence agency GCHQ, wrote an email to TikTok's security chief Roland Cloutier and warned that 'greyrouting' may allow 'SIM farms' in Russia and other countries to request and intercept one-time passwords to gain access to TikTok users’ accounts.

According to internal emails, documents, chat logs and other sources, Cloutier’s team initially acted on the tip and found out that TikTok was indeed using greyrouting to keep costs down, the Forbes report claimed. However, the company decided against applying a fix as it would have cost millions of dollars each month, it said.

Erdogan government may have benefitted

Although it is not clear who exploited the vulnerability, the Forbes report insinuated that the Erdogan administration may have used the situation to its benefit.

"Under Erdogan, the Turkish government has a history of using state-sponsored troll networks to hack and intimidate journalists and other critics."

Experts cautioned that without proper information, it was hard to know how significant the breach was, at the time.

“This could range from a super advanced spam attack to a state actor. If you’d just told me 700,000 accounts, I’d tell you that’s a Wednesday," said Alex Stamos, former security chief for Facebook.

Watch | Erdogan reelected as Turkish president

In response, TikTok released a statement saying it took steps to arrest the slide.

“TikTok became aware of unusual activity in April that affected the number of likes and accounts being followed on some user accounts. We immediately took steps to reverse and terminate this activity, notified affected users, and helped them secure their accounts," said spokesperson Alex Haurek, adding that TikTok was not 'hacked'.

In the lead-up to the elections, most poll pundits had not given Erdogan any chance to eke out a victory.

However, the 69-year-old emerged as the ultimate political survivor, defeating his secular opposition rival, Kemal Kilicdaroglu, by four percentage points.

(With inputs from agencies)