Dating App Tea Exposed 72,000 User Images In A Major Data Breach, Including Id Documents

Tea Dating Advice, a dating app known for enabling anonymous warnings about men, confirmed a major data breach that exposed 72,000 user images—marking one of the largest such incidents this year. The breach included over 13,000 selfies and government-issued identification documents submitted for verification, as well as 59,000 images from posts, comments, and direct messages. These files were left publicly accessible due to a misconfigured Firebase storage bucket, which experts note is normally private by default. This technical slip, which required overriding explicit security warnings, led some observers to call the event gross negligence, not a traditional hack, as the information appeared online unprotected and unencrypted.

While the breach became widely known after datasets were posted to 4chan, their removal did not reverse the public exposure. 404 Media independently confirmed that the exposed storage URL was present in Tea’s Android app. According to the company, only users who signed up before February 2024 were affected, with no email addresses or phone numbers included among the leaked data.

The company stated that the sensitive images were kept for law enforcement collaboration around cyberbullying threats. The company has since hired outside cybersecurity experts and is working to secure its systems. The incident adds a layer of irony to growing privacy concerns, coming just days after the UK implemented a new law requiring adult sites (including dating apps) to collect users' ID documents for age verification, exactly the kind of sensitive data that was just exposed.

View article on AlternativeTo »

More about Tea Dating Advice | Tea Dating Advice Alternatives