Tea, a women’s safety dating app that recently gained popularity on the free iOS App Store, has fallen victim to a significant security breach. The company acknowledged on Friday that there was an ‘authorized access’ to one of their systems, resulting in the exposure of thousands of user images.
Initial reports from Tea indicate that the breach compromised about 72,000 images. This included 13,000 images of selfies and identity photos submitted for account verification, as well as 59,000 publicly visible images from app posts, comments, and messages.
These images were part of a ‘legacy data system’ that held data from over two years ago, as mentioned in the company’s statement. Currently, there is no indication that the breach affected present or additional user data.
Earlier on Friday, both Reddit and 404 Media flagged that Tea app users’ images and IDs were circulated on the anonymous platform 4chan.
Tea app enforces the verification of users’ identities through selfies or IDs, explaining the presence of driver’s licenses and face images in the leaked data.
The core concept of Tea is to provide women with a platform to report negative encounters with men in the dating scene, aiming to enhance women’s safety. Despite gaining the top spot on the US App Store, the app has stirred controversies regarding user privacy. The alleged breach, if confirmed, will add fuel to the ongoing discussions about the risks of online identity verification for internet users.
In the privacy policy section on its website, Tea affirms its commitment to safeguarding users’ Personal Information with adequate security measures to prevent any compromise. However, the app acknowledges that no security system is completely impervious.
Tea has initiated a thorough investigation to evaluate the extent and consequences of the security breach.
