The Tea app, designed to provide a safe space for women by requiring user verification through IDs and selfies, suffered a severe data breach, exposing over 72,000 private images and sensitive information due to unsecured database access. This breach, involving 59.3 GB of data, included verification selfies, government IDs, and private messages that were subsequently leaked online, compromising user privacy. Initially celebrated for its virality with over 4 million users, the app faced criticism for potentially facilitating doxxing of its female users instead of the intended protection from harmful individuals. The hacker attributed the security failure to a lack of proper coding practices, describing it as 'vibe coding,' where poor coding standards and reliance on AI tools led to significant vulnerabilities. The incident highlights growing concerns about the safety of personal data in applications reliant on generative AI without adequate security measures. Tea users are urged to take precautions, such as enrolling in credit monitoring, to mitigate potential repercussions amidst this substantial privacy breach.

Source 🔗