NEW YORK – July 26, 2025 – The women‑focused dating safety app Tea confirmed a significant data breach on Friday, exposing approximately 72,000 images, including selfies and photo IDs, many of which were later posted publicly on 4chan message boards, according to 404 Media and Tea’s own disclosures.
🔓 Breach Details: Photos from Legacy Storage Leaked
Tea identified unauthorized access to a legacy database containing sensitive images uploaded before February 2024. The images include roughly 13,000 user verification selfies or ID scans and about 59,000 user-generated images from posts, comments, and messages. The hack did not include user emails or phone numbers.
🌐 Leak Goes Viral on 4chan
Users on the anonymous imageboard 4chan claimed the data originated from an exposed Firebase storage bucket, allegedly belonging to Tea. Posts briefly displayed sensitive documents—including driver’s licenses and selfies—before being taken down. Some users marveled at the breadth of the leak:
“DRIVERS LICENSES AND FACE PICS! GET THE F*** IN HERE BEFORE THEY SHUT IT DOWN!”
⚠️ Privacy Backlash and Safety Irony
Launched in 2023, Tea pitched itself as a tool for women to anonymously share “red flag” experiences about men and run reverse‑lookup searches via phone number and photo. The irony of such an app leaking users’ own identity verification images has sparked criticism about its security design and privacy model. Some critics argue that Tea’s structure enabled doxxing by design.
🛡️ Response from Tea and Industry Experts
Tea has engaged third‑party cybersecurity specialists and reassured users that no current user data appears compromised. The company noted the breach occurred before it began requiring photo IDs in mid‑2023 and that legacy data was not migrated into upgraded systems.
Safety and civil‑rights advocates caution that platforms designed for accountability can become tools for abuse if security is not carefully managed. Lessons from previous dating‑app breaches—such as the Ashley Madison incident—illustrate how personal data trails can be weaponized.
As privacy concerns accelerate in the digital dating ecosystem, the Tea breach highlights the tension between safety aims and data protection. Users should review their data exposure risk, and app developers must implement stronger security safeguards if they hope to balance anonymity and access.
