Tea, a women’s safety dating app that climbed to the top of the free iOS App Store rankings, experienced a significant security breach. The company revealed that authorized access to their system led to the exposure of thousands of user images.
Tea’s investigation revealed that the breach exposed around 72,000 images, categorized into two groups: 13,000 images from account verification submissions, including selfies and photo identification, and 59,000 publicly viewable images from app posts, comments, and messages.
The images were stored in a legacy data system with information dating back over two years. The company stated that there is currently no indication of any impact on current or additional user data.
Reports surfaced on Friday on platforms like Reddit and 404 Media, alleging that Tea app users’ images and IDs were shared on the online forum 4chan.
Tea mandates users to verify their identities with selfies or IDs, explaining the presence of driver’s licenses and facial photos in the leaked data.
Tea’s core function is to offer women a platform to report negative interactions experienced with men in the dating scene, aiming to enhance women’s safety. Despite reaching the No. 1 position on the US App Store, Tea’s popularity triggered discussions on potential privacy infringements towards men. Any confirmation of the breach would further fuel the ongoing debate over the security implications posed by online identity verification.
In its privacy policy, Tea reassures users that it takes reasonable security measures to safeguard personal information from loss, misuse, and unauthorized access. However, it acknowledges that no security system is entirely foolproof.
Tea has initiated a comprehensive investigation to evaluate the extent and ramifications of the breach.
