App Touting Safe Space for Women Hit by Data Breach
8 hours ago
3,627
Tea, a dating app created to let women anonymously ask or warn each other about men they have gone out with, suffered a significant data breach, the company revealed in a statement on Friday.
The data that was hacked into included 72,000 images, including 13,000 selfies or identity photos used to verify accounts, along with 59,000 other images that were viewable on the app, according to the company’s statement.
Access to the data was “from prior to February 2024,” Tea’s statement added.
Why It Matters
The app, which relies on the storage of images in order for women to review the men they dated and is marketed as a “dating safety tool,” recently rocketed to number one on the App Store.
The hack raises important questions around data privacy, particularly for services pitched as safe spaces for vulnerable populations.
With millions of users—many submitting sensitive photos and documents for safety verification—Tea’s breach underscores the risks of online dating platforms and has renewed debate about protections for users within female-centric digital communities.
What To Know
The company said only users who registered before February 2024 are impacted by the breach, which was linked to archived data that was kept for compliance with law enforcement requests related to cyber-bullying investigations, not active user accounts or recent uploads.
Photos cannot be linked to specific users within the app and no email addresses or phone numbers were accessed, according to Tea.
The breach stemmed from content that had not yet been migrated to the app’s updated secure platform, a transition that occurred in February 2024.
Users who joined after that date were not affected, according to Tea. Third-party cybersecurity experts have been engaged, and the company asserted all systems and affected data have now been secured.
“We are working around the clock with internal security teams and third-party experts to secure our systems. At this time, we have no evidence that any additional or current user data has been accessed,” Tea said in its statement.
Some of the exposed images, including license photos, have reportedly circulated on message boards such as 4chan and Reddit, according to a report from the BBC.
A woman is holding a smartphone in her hand to type in a phone number, next to her is a laptop on the table. A woman is holding a smartphone in her hand to type in a phone number, next to her is a laptop on the table. Niklas Graeber/picture-alliance/dpa/AP Images
What People Are Saying
Tea said in a post about the data breach Friday: “During our early stages of development some legacy content was not migrated into our new fortified system. Hackers broke into our identifier link where data was stored before February 24, 2024. As we grew our community, we migrated to a more robust and secure solution which has rendered that any new users from February 2024 until now were not part of the cybersecurity incident.”
What Happens Next?
Tea encouraged users to reach out to its support team with any further concerns.
The company has engaged in further security measures to prevent any additional breaches.
A legjobb élmény biztosítása érdekében olyan technológiákat használunk, mint a cookie-k az eszközadatok tárolására és/vagy eléréséhez. Ha beleegyezik ezekbe a technológiákba, akkor olyan adatokat dolgozhatunk fel ezen az oldalon, mint a böngészési viselkedés vagy az egyedi azonosítók. A hozzájárulás elmulasztása vagy visszavonása bizonyos funkciókat és funkciókat hátrányosan érinthet.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
