The women's dating app Tea experienced a severe data breach, exposing over 72,000 verification selfies and government IDs after hackers accessed its unsecured database. Users uploaded these sensitive documents intending to maintain a women-only environment to combat online dangers. However, the breach revealed personal data including private messages, mapped for easy searching online. This security failure contradicts Tea's claims of ensuring user safety. With data indicating recent messages as recent as 2025, many users are now at risk. The original hacker attributed the security lapse to the company’s reliance on ‘vibe coding,’ where app development prioritized speed and casual coding practices over security reviews. The exposed data had no authentication, making it accessible by anyone. This incident raises broader concerns regarding the safety of apps that utilize AI for development without proper security checks, as noted by experts who found that nearly half of AI-generated codes contain exploitable vulnerabilities. Users are advised to consider credit monitoring to mitigate the fallout from this breach.

Source 🔗