The women-only dating app Tea suffered a significant data breach after hackers discovered its unsecured backend database. Over 72,000 private images, including selfies and government IDs, were leaked online. This breach, totaling 59.3 GB, exposed sensitive information such as direct messages and user verification documents, contradicting the app's claims about only harboring old data. Tea's verification system, which required users to upload IDs and selfies, intended to filter out fake users but instead resulted in severe privacy violations. Critics highlighted a lack of security measures due to a phenomenon called 'vibe coding,' where developers rely on generative AI without proper security reviews. As a result, user IDs and private messages began appearing on various online platforms, leading to warnings for users about the risks of identity theft. Experts expressed concerns about AI-driven app development methods, noting that they often lead to exploitable vulnerabilities. Users are now advised to consider credit monitoring to mitigate potential damages.

Source 🔗