The popular dating platform Tea, known for allowing women to anonymously share experiences or warnings about men, faced a massive data breach, leading to the unauthorized leak of sensitive user content online.
The app, which recently topped the U.S. Apple App Store, suffered a security incident on Friday at 6:44 AM PST, exposing tens of thousands of user-submitted images. Tea Dating Advice, the U.S.-based company behind the app, confirmed that over 72,000 images were accessed without authorization.
Among the compromised data were approximately 13,000 identity verification selfies, where users had submitted photos holding government-issued IDs, and 59,000 images that were previously visible on posts, comments, and direct messages within the app.
The breach impacted users who registered before February 2024. Although phone numbers and email addresses were not compromised, the leaked content includes highly personal and potentially sensitive data. The company admitted that verification photos, intended for immediate deletion post-authentication, were still accessible at the time of the breach.
Tea further revealed that some user interactions, including posts and comments, may have also been exposed. The company stated that certain data was retained due to legal obligations related to cyberbullying investigations.
In an official statement, Tea said, “We are working round-the-clock with our internal security team and external cybersecurity experts to secure our systems. The investigation is ongoing to assess the full extent of this breach.”
