Tea Dating App Hacked, Exposing 72,000 Women’s Images
Tea app a women-only dating safety platform was hacked, leading to exposure of approximately 72,000 images, including IDs and verification selfies. Company confirms data was legacy-only and is working with cybersecurity experts
The Tea app is a women-only platform launched to empower users to anonymously review dates, share safety insights, and search images or background information about potential partners. It surged in popularity in July 2025, topping the U.S. App Store and accumulating over 2 million new signups in days
What Was Breached
On July 25, 2025, Tea confirmed hackers gained access to a legacy data storage system, leaking over 72,000 image files, which included:
- ~13,000 selfie and government ID verification images
- ~59,000 user-generated images (comments, DMs, and public posts)
The company stated that the breach affected only users who joined before February 2024 and that no current account information emails or phone numbers appears compromised
How the Leak Spread
The breach was reportedly discovered by users on 4chan, where an unsecured Firebase database link was shared, exposing personal data. Despite deletion of the initial thread, third parties continued scraping the exposed content
Reactions from Cybersecurity Experts & Users
Reddit users and tech commentators mocked the app’s lax security. One wrote:
“They put their user database in UNSECURED cloud storage… should be sued into the ground.”
Observers called the breach a cautionary tale about overreliance on poorly audited AI-generated or minimal-code solutions sometimes known as "vibe coding" leading to major vulnerabilities
Tea’s Official Response
Tea confirmed that the exposed data came from legacy storage retained due to law enforcement cyberbullying prevention compliance. Company spokespeople emphasized that protecting user privacy remains their highest priority. They have engaged third-party cybersecurity firms to remediate vulnerabilities and lock down infrastructure
