The women-only dating app Tea has suffered a significant data breach, exposing over 72,000 user IDs, selfies, and private messages. Hackers discovered that Tea's backend database was entirely unsecured, leading to the unauthorized spread of sensitive user information online. The leaked data includes verification selfies and government IDs uploaded by users, aimed at filtering out fake accounts. Despite claims that the breach involved only old data, some private messages dated as recently as 2025 were included. Critics have pointed out that the app's emphasis on safety and empowerment became ironic as it resulted in the exposure of its user base. The original leaker noted that the lack of proper security measures was perhaps due to what they called 'vibe coding'—a term describing reckless, AI-assisted coding without proper security checks. This incident raises concerns about the reliance on generative AI for app development, as vulnerabilities in the code remain prevalent. Users affected by the breach are advised to seek credit monitoring and take steps to protect their information in light of this security failure.

Source 🔗