The famous dating platform Tea, which allows women to anonymously share experiences or warnings about men, surged to the top of the U.S. Apple App Store this week. However, the company behind the app confirmed on Friday that it had suffered a major security breach, leading to the unauthorized release of tens of thousands of user-submitted images, including selfies.
Tea Dating Advice, the U.S.-based firm behind the app, acknowledged that more than 72,000 images were accessed without authorization. These include approximately 13,000 identity verification photos, in which users submitted selfies holding government-issued IDs, and about 59,000 images that were publicly visible on the app through posts, comments, and direct messages.
The breach occurred on Friday at 6:44 AM PST and affected users who registered before February 2024. While no phone numbers or email addresses were compromised, the exposed content includes personal and potentially sensitive data.
Tea said the verification images were meant to be deleted immediately after the authentication process but were still accessible at the time of the breach. The company also confirmed that some content from user interactions, including posts and comments, may have been exposed.
According to the company, the data had been retained in compliance with legal obligations linked to cyberbullying investigations.
“We are working around the clock with internal security teams and external cybersecurity experts to secure our systems,” Tea said in an official statement. “Our investigation is ongoing to determine the full scope and impact of the breach.”
