The women-only dating safety app Tea experienced a monumental data breach, exposing over 72,000 private images, including selfies and IDs intended for verification. The app suffered from unsecured backend systems, leaving sensitive information vulnerable and eventually grasped by users on 4chan, who shared the data extensively online. The compromised dataset included substantial amounts of personal documentation, many dating up to 2025, despite Tea's claims that only old data was involved. The breach highlights potential flaws in modern app development practices, particularly the trend of 'vibe coding', where developers rely too heavily on AI tools without adequate security reviews. This incident not only jeopardizes the safety of the app's user base—primarily women seeking a secure online space—but also raises concerns about the adequacy of data protection measures in applications that handle sensitive user information. With automated data scraping making it impossible to contain the leak, users are advised to seek credit monitoring to mitigate potential damages.

Source 🔗