In a significant security incident, Tea, a women-only dating advice app, has exposed approximately 72,000 images, including selfies and photo IDs. The breach affects users who joined before February 2024 and does not include email addresses or phone numbers. Tea is collaborating with cybersecurity experts to secure its systems and protect user privacy.
Details of the Breach
On July 25, 2025, Tea identified unauthorized access to its systems at 6:44 AM PST. The compromised data includes:
-
13,000 images: Selfies and photo IDs submitted during account verification.
-
59,000 images: Publicly viewable content from posts, comments, and direct messages.
Tea clarified that no email addresses or phone numbers were accessed, and only users who signed up before February 2024 were affected. The company emphasized that protecting user privacy is its highest priority and is working diligently to secure its systems.
Tea’s Response and Measures Taken
Tea has engaged third-party cybersecurity experts to address the breach. The company is working around the clock to secure its systems and has implemented additional security measures to prevent further exposure. Tea has also fixed the data issue and has no evidence to suggest that additional user data was affected.
Implications for Users
Users who joined Tea before February 2024 may be affected by this breach. Tea has assured users that no email addresses or phone numbers were accessed. The company is committed to transparency and will provide updates as more information becomes available.
References
-
Tea App Suffers Data Breach Exposing 72,000 Images. Associated Press. July 25, 2025. (apnews.com)
-
Tea App Data Breach Details. Tea Official Statement. July 25, 2025. (teaforwomen.com)
-
Tea App Data Breach Confirmed. Good Morning America. July 25, 2025. (goodmorningamerica.com)
The focus on pre-February 2024 users suggests a specific vulnerability window. I wonder if the root cause was a code update lacking robust security testing before deployment, or perhaps a lapse in server configuration during that period? Investigating the timeline is key.
That’s a great point. The timeline is indeed crucial. Exploring the possibility of a code update or server configuration change around that time is definitely a priority in the ongoing investigation. Thanks for highlighting this key area!
Editor: StorageTech.News
Thank you to our Sponsor Esdebe
Given the breach occurred on July 25, 2025, what specific security protocols were in place before February 2024 compared to those implemented afterward? Was the shift to new measures driven by a known vulnerability at that time?
That’s an excellent question! We are currently investigating the differences in security protocols before and after February 2024. Determining if a specific known vulnerability triggered the shift is a key aspect of the investigation. We’ll share more information as it becomes available.
Editor: StorageTech.News
Thank you to our Sponsor Esdebe