×
Uncategorized

Women’s Dating App “Tea” Data Leak Exposes 13,000 User Selfies

Tea, a women-only dating safety app that allows users to review and share information about men they’ve dated anonymously, has suffered a significant data breach that exposed approximately 72,000 user images, including 13,000 sensitive selfies and photo identification documents submitted during account verification.

The breach was discovered at 6:44 AM PST on Friday, July 25th, when the company identified unauthorized access to their systems. 

Tea immediately launched a comprehensive investigation with assistance from external cybersecurity experts to assess the full scope and impact of the incident.

Scope of the Data Breach

The compromised data originated from a legacy data storage system containing information from users who signed up prior to February 2024. 

Of the 72,000 images accessed without authorization, approximately 13,000 consisted of selfies and photo identification documents that users submitted during the account verification process. 

The remaining 59,000 images were publicly viewable content from the app, including posts, comments, and direct messages.

“We have engaged third-party cybersecurity experts and are working around the clock to secure our systems,” the company stated in their official response. 

Tea emphasized that no email addresses or phone numbers were compromised during the incident, and only users who had created accounts prior to February 2024 were affected.

The breach occurred due to a vulnerability in Tea’s early development infrastructure. According to the company, some legacy content was not properly migrated to their newer, more secure system during the platform’s growth. 

An unauthorized actor gained access to an identifier link where data was stored before February 24, 2024.

Tea explained that the compromised images were originally archived in compliance with law enforcement requirements related to cyber-bullying prevention. 

The company noted that they have no evidence suggesting the photos can be linked to specific users within the app.

Tea markets itself with the motto that “women should never have to compromise their safety while dating,” operating as a platform where verified women can anonymously share Yelp-style reviews about men they’ve encountered in the dating scene.

The app has experienced significant growth, with reports indicating over two million users have requested to join in recent days.

During Tea’s early development stages, the company required selfies and identification documents as an additional safety measure to ensure only women could access the platform. 

This requirement was removed in 2023, but the legacy data remained stored in the compromised system.

The company has implemented additional security measures and fixed the identified data vulnerability. 

Get Free Ultimate SOC Requirements Checklist Before you build, buy, or switch your SOC for 2025 - Download Now

Related Posts

Post Comment

You May Have Missed

Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None