Tea, a popular app designed for women to safely discuss men they date, has suffered a data breach exposing thousands of user photos and IDs, the company confirmed on Friday.
According to Tea, approximately 72,000 images were leaked online, including 13,000 selfies or selfies combined with photo identification submitted during account verification. Additionally, another 59,000 images from posts, comments, and direct messages, which were publicly viewable within the app, were accessed without authorisation.
What is Tea?
Millions of women in the US have downloaded the Tea app based on its promise that it catches catfish, checks for hidden marriages and keeps users safe from men online.
According to App Store tracker SensorTower.com, Tea Dating Advice has become the most popular free app in the US, and is and is the number one lifestyle download.
Only last week, it claimed earlier to have recently gained close to a million new users.
But the app has also come under fire for being "anti-men".
Tea Dating Advice is a women-only app that allows users to anonymously post about men they are dating in the US.
It also offers phone number searching to check if men have "hidden marriages", background checks to look for criminal records, and a map of registered sex offenders.
How does it work?
As only women can use the app, it requires users to register by creating a username including location, birth date, a photo and official identification.
According to its policy, tea deletes all photos after a review.
Tea functions similar to Facebook pages like "Are We Dating the Same Person - Dhaka", but with more moderation and oversight.
All users who get accepted are promised anonymity outside of the usernames they choose, and taking screenshots of what's in the app is also blocked.
Once approved, users can leave comments describing specific men as a "red flag" or "green flag", and share other information about them.
Comments, on the other hand, can take days to be approved.
While men cannot use the app, Tea says any takedown requests should be emailed to their support desk with their name, location, as much information as possible about the content in question, as well as a photo.
The app was founded Sean Cook and it is believed the hack was done by the user platform 4chan.
What are the latest leaks about?
Following the leaks, Tea has assured that no email addresses or phone numbers were compromised and the breach only affected users who signed up before February 2024.
"Tea has engaged third-party cyber security experts and is working around the clock to secure its systems," the company said in a statement. "At this time, there is no evidence to suggest that additional user data was affected. Protecting Tea users' privacy and data is our highest priority."
Tea markets itself as a safe platform for women to anonymously vet men they might meet on dating apps like Tinder or Bumble to ensure their dates are genuine and not involved in other relationships.
Earlier reports by 404 Media revealed that users on the forum 4Chan discovered an exposed database that allowed unrestricted access to the leaked materials. However, access to the database has since been restricted.
Tea announced on Instagram this week that its user base has grown to 4 million.
The leak has faced significant backlash.
Claiming safety and anonymity, this breach sparked outrage over the claims made by the viral app.
Netizens did not spare the app's developers. One pointed out, "that's a lawsuit right there because it turns out that they stored it all in an open database that was exposed to the internet. Anybody with the URL could access it. There was absolutely no security on it."
Comments