A major data breach has hit U.S.-based women-only app ‘Tea’, with hackers gaining access to over 72,000 images, including thousands of personal ID photos, the company confirmed on Friday. The app, designed to let women anonymously share experiences and “red flags” about men they’ve dated, has recently gained popularity and stirred debate over its privacy and safety features.
According to a spokesperson for Tea, the breach occurred early Friday when hackers infiltrated a “legacy storage system” that contained media files from users who signed up before February of the previous year. Out of the stolen content, approximately 13,000 images included selfies or pictures featuring photo identification used for verifying user accounts.
The remaining compromised media came from public posts, comments, or messages visible within the app, the company added. However, Tea confirmed that no email addresses or phone numbers were accessed during the breach.
Viral Popularity Meets Security Concerns
Launched with the mission of empowering women through anonymous dating reviews, Tea describes itself as a platform fostering a digital “sisterhood” of over 1.6 million users. The app allows women to share stories and advice to protect each other from “problematic men”, which has earned it both praise and criticism.
ALSO READ: Viral video: American woman learns marathi to surprise husband, his reaction wins the internet
While supporters hail it as a space that can help women avoid toxic or abusive relationships, critics warn of the privacy implications of including names and photos in such reviews. These concerns have intensified following the data breach.
The hacked content, including copies of government-issued ID cards, reportedly appeared on 4Chan, a controversial internet forum often linked to incel culture and online misinformation, as seen in screenshots shared on Reddit and other platforms.
Security Experts Raise Red Flags Over Identity Theft
Cybersecurity experts are sounding the alarm over the potential risks to users’ safety. Trey Ford, head of security at Bugcrowd, cautioned that the breach could have long-term consequences.
“Connecting usernames to actual legal names and home addresses exposes these women to a variety of concerns,” Ford told AFP. “Identity theft is only the tip of this iceberg.”
As Tea continues to trend—recently topping the Lifestyle category in Apple’s App Store—questions are being raised about its data protection practices and the safety of anonymous platforms handling sensitive content.
