The security breach at women’s dating safety app Tea worsens, with over 1.1 million private messages and tens of thousands of user images exposed online. Hackers posted this sensitive data on the infamous anonymous message board 4chan. Posts included conversations about abortions, cheating partners, and personal contact information. Tea temporarily disables direct messaging and promises to support affected users as privacy concerns mount.
What’s Happening & Why This Matters
Tea, founded in 2023, allows women to anonymously share and review details about men they date, aiming to enhance safety. The app quickly rose to the top of the App Store charts, reaching over 4 million users worldwide. However, a serious data breach unravelled this momentum.
The breach exposed a cloud database hosted on Google’s Firebase platform. It contained 72,000 images, including 13,000 selfies and photo IDs used for account verification. Additionally, 59,000 images came from user posts, comments, and direct messages. Initially, Tea claimed only users who signed up before February 2024 were affected, but later leaks showed private messages as recent as last week were also compromised.
Hackers posted links to the exposed database on 4chan, where users sifted through and shared sensitive photos and data. Some of the leaked chats mentioned real names, social media handles, and phone numbers, raising risks of identity exposure.
Tea confirmed the breach in an official statement and disabled its direct messaging feature to prevent further damage. The company engaged third-party cybersecurity experts and has begun notifying affected users, offering free identity protection services.
Security researchers warn that the data was stored in a “public bucket,” a storage container accessible without proper authentication. This misconfiguration allowed anyone to access the sensitive data.
4chan’s history includes involvement in high-profile leaks, including stolen celebrity images in 2014 and a recent catastrophic cyberattack that exposed its source code. The Tea breach adds to growing concerns about app security and the risks of third-party cloud storage.
TF Summary: What’s Next
The Tea app breach presents the dangers of inadequate cloud security and the severe consequences for users sharing sensitive information. Tea’s response and user support are proactive actions, but the damage exposes the urgent requirement for stronger platform data protection standards.
Apps focused on personal safety must prioritise airtight security alongside transparent communication to maintain trust. The Tea incident is another warning to users: sharing sensitive data online is risky. Take proper precautions — always.
— Text-to-Speech (TTS) provided by gspeech