A previously disclosed hack affecting Tea, a women-only dating advice app, was more extensive than previously thought, the company said Monday.
Tea’s investigation of the incident found that app users’ direct messages had been breached, along with some of their photos.
“Out of an abundance of caution, we have taken the affected system offline,” Tea said in a statement to CBS MoneyWatch.
The app, which has become one of Apple’s most downloaded free apps, was compromised in a cyberattack that exposed members’ personal information, including selfies, Tea said Friday. The hackers accessed a data storage system containing information that members had uploaded prior to February 2024, the company said.
An additional 59,000 images and direct messages were also accessed without authorization, according to Tea.
Tea lets women share information about their dates and run background checks on potential matches, among other things.
Ted Miracco, CEO at mobile security maker Approov, urged users to exhibit caution in sharing personal information on widely downloaded apps..
“A lot of people presume that if an app is available through Apple or Google, that it’s safe. That’s the first mistake consumers make,” he told CBS MoneyWatch.
Miracco also said Tea lacked adequate security protections.
“This is basic cybersecurity and something the company should be held accountable for,” he said. “They rushed to market and promised consumers to create a safe site, and instead they exposed them.”
Megan Cerullo
Megan Cerullo is a New York-based reporter for CBS MoneyWatch covering small business, workplace, health care, consumer spending and personal finance topics. She regularly appears on CBS News 24/7 to discuss her reporting.
