The women-only dating app Tea experienced a significant data breach, exposing over 72,000 users' private information including selfies and government IDs. The data, totaling 59.3 GB, was made publicly available after the app's unsecured backend database was discovered on 4chan. Originally designed to verify users and create a safe environment for women to discuss and warn about men, the leaked information negated these intentions as private DMs and user photos spread online. Critics pointed to 'vibe coding'—a practice where developers rely on AI tools without proper security checks—as a potential cause of this incident. The original leaker highlighted that the Firebase bucket used by Tea had no authentication protocols, making it vulnerable to such attacks. Users are advised to monitor their credit activities as their information is now accessible on various platforms, reminiscent of previous security failures in the tech industry. The situation has underscored the dangers of over-reliance on generative AI for coding without sufficient oversight.

Source 🔗