Getting your Trinity Audio player ready...
|
The popular women-focused dating and review app Tea has confirmed a major data breach that compromised approximately 72,000 user images. The breach, which was disclosed over the weekend, has raised significant concerns about user privacy and data security.
What Happened
Hackers reportedly accessed an older data storage system that contained sensitive user information. Around 13,000 selfies and government ID photos submitted for account verification were exposed, along with approximately 59,000 user-generated images, including photos from posts, comments, and private messages. The company emphasized that the breach primarily affected users who registered before February 2024 and that no emails, phone numbers, or financial information were compromised.
Tea, developed by San Francisco-based Tea Dating Advice, Inc., has launched an investigation in collaboration with third-party cybersecurity experts. The company states that it has now secured its systems and is reviewing its data storage policies to prevent future breaches.
The App and Its Rapid Rise
Launched in 2023 by software engineer Sean Cook, Tea quickly became a viral sensation. The app gained popularity for allowing women to share anonymous reviews and ratings of men, offering both “green flags” and “red flags” as part of its safety-first approach to online dating. At its peak, Tea became the number one app in the U.S. Apple App Store and reportedly reached over four million users by July 2025.
However, the breach has exposed a critical flaw in Tea’s system: its storage of verification data. Despite the company’s claims that ID photos would be deleted after review, the hackers accessed an older system where these images were still stored.
Backlash and Privacy Concerns
The breach has sparked outrage among users, who trusted the app to protect their anonymity and safety. Critics argue that the incident highlights the risks of platforms requiring personal identification for access. With government IDs now potentially compromised, affected users face the risk of identity theft or fraud.
Public commentary has been intense. Some commentators, including popular streamers, have pointed out the irony of a platform designed to protect women’s privacy becoming a victim of such a significant data exposure.
Tea’s Response
Tea has reassured users that only pre-February 2024 accounts were affected, and that no password resets or account deletions are currently necessary. The company has vowed to strengthen its security infrastructure and has pledged transparency as the investigation continues.
Could Tea Face Legal Action?
There is a possibility that Tea could face lawsuits over this breach, particularly if it is found that the company failed to take adequate security measures to protect user data. Class action lawsuits are common in cases where personal information is exposed, especially when sensitive data like government IDs are involved. While U.S. privacy laws vary by state, companies can be held liable if it is proven that they were negligent in safeguarding personal information.
“Given the sensitive nature of the data that was compromised, Tea could face significant legal exposure,” said Jennifer Michaels, a cybersecurity and privacy attorney based in New York. “If it’s determined that the company retained data longer than necessary or failed to encrypt sensitive files, that opens the door for class action claims and regulatory fines.”
The Tea app’s data breach serves as a sobering reminder that even platforms built around privacy and safety are not immune to cyberattacks. As Tea works to rebuild trust, users and privacy advocates alike are calling for stronger measures to protect sensitive data, especially on platforms that require identity verification.