A popular app called Tea, meant for women to share information about men they’ve dated, has suffered a serious data breach.
The leak exposed about 72,000 images, including 13,000 selfies and government IDs that users submitted for identity checks and another 59,000 photos from posts, comments, and direct messages.
It has also emerged that more than 1.1 million private conversations, some discussing deeply personal topics like abortions, cheating and relationships, were exposed online.
Security researchers say that the breach happened because the app saved user data in an unsecured cloud storage bucket, allowing anyone to download the files without a password. Hackers posted the content on forums like 4chan and shared large files via torrent. Some users even created maps tracing the locations of people in the leaked images.
Tea claims the data came from a legacy storage system holding records from before February 2024, and says no emails or phone numbers were exposed. The company has taken the app’s messaging system offline, started work with cybersecurity experts, and notified law enforcement.
Meanwhile a class action lawsuit has been filed in the U.S. by several women affected by the leak. The plaintiffs say the app failed to protect user information, even though it pledged to delete uploaded IDs after initial verification.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
