Tea, a women’s safety dating app that recently gained popularity on the free iOS App Store, is now under scrutiny for a significant security breach.
The company announced on Friday the discovery of unauthorized access to a system, leading to the exposure of thousands of user images.
Initial investigations by Tea revealed that the breach compromised around 72,000 images, categorized into two groups: 13,000 selfies and photo IDs submitted for account verification, and 59,000 images available for public viewing within the app through posts, comments, and messages.
These images were stored in a dated data system containing data from over two years ago, according to the company’s statement. As of now, there is no indication that current user data has been impacted.
Earlier on Friday, reports surfaced on Reddit and 404 Media alleging that Tea app users’ images and IDs were shared on the anonymous forum 4chan.
Tea mandates identity verification through selfies or IDs, explaining the presence of driver’s licenses and facial photos in the leaked data.
The core concept of Tea is to offer women a platform to document negative interactions with men in the dating scene, aiming to create a safer space for all women. Despite achieving the top spot on the US App Store, the app’s success has raised questions about potential privacy concerns for men. If the breach reports are validated, it may further fuel discussions on the risks associated with online identity verification and security for internet users.
On its website’s privacy section, Tea emphasizes the implementation of security measures to safeguard users’ Personal Information against unauthorized access, loss, alteration, and more. The disclaimer, however, underscores that no security system is entirely impervious.
Tea has initiated a comprehensive investigation to evaluate the extent and repercussions of the breach.
