By John Q. Hosedrinker 
Following a recent cybersecurity breach, the dating discussion app Tea announced that some direct messages were also accessed. The app, which allows women to anonymously discuss men, previously revealed that thousands of user selfies and photo IDs were exposed. The company stated it is working to identify impacted users and offer identity protection services, while also emphasizing the need for users to consider real-life security precautions. The breach affects users who signed up before February 2024, with approximately 72,000 images leaked in total, including those found in direct messages.
Read the original article here
Tea app takes messaging system offline after a second security issue reported. The news is out, and it’s not good. Tea, the dating discussion app designed to let women safely discuss men, has taken its messaging system offline. After the initial security breach, which exposed thousands of user photos and IDs, a second issue has been reported. This time, it involves the unauthorized access of direct messages (DMs). It sounds like the situation is escalating quickly.
This all sounds like a complete mess, doesn’t it? It’s genuinely surprising that the app, given its security track record, is still allowed on the major app stores. The comments have made it pretty clear that this is a disaster waiting to happen, and that the potential for hate and harassment is through the roof. Moderation seems to be nonexistent, which is a major red flag.
The r/cybersecurity community on Reddit has been dissecting the issue, and the reports are concerning, to say the least. The app’s developers allegedly failed to implement basic security measures, possibly retained user data without proper consent, and then attempted to deflect blame. It’s a textbook violation of industry best practices.
Adding fuel to the fire, there’s been talk of someone creating a “rating game” using the leaked images. This goes way beyond a simple data leak, and it really speaks to the lack of respect for user privacy and security. This situation recalls the original iteration of this concept, an app called Lulu, which predated Tea. It was a Facebook extension, where women could anonymously rate men.
Knowing how apps and online spaces evolve, it’s easy to see how this one devolved from good intentions. There’s a sense that the app, in some ways, facilitated the spread of harmful information and allowed users to engage in behaviors that would be unacceptable if the roles were reversed. Imagine a world where men had a similar app, where photos could be posted without consent and where users could make disparaging remarks about women. The backlash would be immediate and severe.
And let’s be real, the lack of security seems almost like a parody. They’re collecting sensitive personal information and private messages but not taking even basic precautions to protect it. It calls into question the app’s entire purpose and whether it was a genuine effort to provide a safe space. It is a glaring issue when the security aspect feels as if it were a complete afterthought.
It’s certainly a valid point to consider why, if the app was meant for discussing men, and if all of the information was out in the open and visible, why the app couldn’t have operated this way. People deserve to be able to defend themselves against accusations.
The irony isn’t lost on anyone. An app built to prevent doxxing and help create safety and awareness, yet failing to protect their user’s data. This is a prime example of how quickly these spaces can become toxic and create a hostile environment. There’s a lot of anger directed at a perceived tribalism and gender wars, especially when the goal of these spaces should be safety.
Also, the app was definitely not a hack, and the data was available in public buckets of storage.
As for its design, the app seems to have failed on all fronts. It’s one thing to leak photos and verification details, but compromising DMs raises the stakes considerably. Now, people are worried about potential prosecution regarding conversations that they had. There’s also a point of how idiotic it is to put the burden of ID verification onto the platforms and apps themselves. The concept simply does not ensure actual safety.
This seems to be just another iteration of a recurring theme: an app that sets out with a well-meaning premise, only to become a cesspool of toxicity. The comments are clear: the app was a disaster waiting to happen, and anyone with any foresight would have predicted its eventual downfall. The whole thing’s a Black Mirror episode come to life, with the toxic cycle of gender wars and the use of anonymous hate that plagues the internet.
It’s important to remember that even if there are good intentions, such spaces can quickly devolve into something else entirely. One comment hit the nail on the head: it’s a place that creates an incel or femcel dynamic. These apps can’t be compared to any public space. Reddit’s rules give communities a chance to exist and self-moderate in a way that this app never did. And the result has been exactly what everyone predicted.
The fact that men can’t even register for this app and can’t even sue the company speaks volumes about the developers’ intent. There’s an interesting comment about a related project that was submitted to the app stores and rejected. It really highlighted that the issue wasn’t the idea itself. But rather, the nature of its intent and what it represents.
There’s talk of aggregating the private nudes and pics. This raises concerns about the violation of privacy. The fact that people are in serious trouble over this, both users of the app and the subjects, is a terrible situation. These groups and apps that are designed to do this type of thing have never been a good idea.