Tea App Suffers Breach, Exposing Thousands Of User Images

Tea, an app that claims to thief women "make judge your day is safe, not a catfish and not successful a relationship," is experiencing a information breach. 404 Media reports that a database posted connected 4chan allowed anyone to entree users' data. (It's since been removed.) The dataset included thousands of images, including driver's licenses.

4chan users claimed nan information came from an exposed database hosted connected Firebase, Google's app improvement platform. 404 Media verified that nan exposed retention bucket URL matches 1 recovered successful Tea's Android app.

The institution confirmed nan breach. In a connection to 404 Media, Tea said it "identified unauthorized entree to 1 of our systems and instantly launched a afloat investigation to measure nan scope and impact." The institution stated that nan exposed accusation included information from complete 2 years ago. It included 72,000 images, including selfies, photograph IDs and pictures from app posts and DMs.

"This information was primitively stored successful compliance pinch rule enforcement requirements related to cyber-bullying prevention," Tea said. "We person engaged third-party cybersecurity experts and are moving astir nan timepiece to unafraid our systems. At this time, location is nary grounds to propose that existent aliases further personification information was affected. Protecting our users' privateness and information is our highest priority. We are taking each basal measurement to guarantee nan information of our level and forestall further exposure."

The app allows users to station photos of "red-flag" men. "Already swiping for dates connected Tinder, Bumble, Match aliases Hinge?" nan app's Play Store transportation reads. "Tea is simply a must-have app, helping women debar reddish flags earlier nan first day pinch making love proposal and showing them who's really down nan floor plan of nan personification they're dating."

Its Play Store listing highlights a reverse telephone number lookup. It has sections for men's existent names, ages, addresses, societal profiles and narration statuses. Other features see a reverse image hunt and inheritance checks to thief women "get nan beverage connected your date." Users tin canvass others astir whether they should day caller matches.

The app requires caller users to taxable a verification selfie and a photograph of their government-issued ID. Tea told 404 Media that it uses this to verify that caller signups are so women.

The timing of nan breach coincided pinch nan app's surge successful popularity. According to Business Insider, Tea deed nan apical of Apple's App Store this week. The app first launched successful 2023.