Dating safety app, Tea, suffers breach exposing 72,000 user images

Dating app made for women gets hacked

Tea, a popular app built to help women date more safely, has faced a massive breach that exposed thousands of private photos. Designed as a women-only platform, it lets users share concerns anonymously, helping others avoid unsafe situations.

Now the app itself has become a privacy concern. Many users who trusted it for protection are shaken by the news. The breach has sparked serious questions about app safety and how quickly platforms can go from protective to problematic.

Over 72000 private images exposed

Tea confirmed a major breach where around 72000 images were accessed by outsiders. These pictures were part of the platform’s database and included everything from lighthearted posts to very personal uploads meant to stay private.

The company shared that the exposed images came from before February 2024. Many users were unaware their photos were even stored for that long. As the news spreads, people are now questioning how much of their past digital activity might still be out there.

Selfies and IDs found in the leak

Out of the leaked content, approximately 13,000 of the leaked images comprised selfies or photo IDs submitted during the app’s verification process. These included users holding up their driver’s licenses, which the app said would be deleted right after verification.

Instead, those images were quietly archived and ended up being exposed in the breach. People who believed their identities were safe now face the risk of being identified or impersonated. The incident highlights the dangers of storing verification data longer than promised.

Old system stored data too long

The breach targeted an outdated part of Tea’s platform. According to the company, images and other data were kept in a legacy system that had not been properly secured or updated.

This storage system was still holding information from before February 2024, even after new security tools were added. Experts believe that failing to migrate the old content left a wide gap open. It’s a harsh reminder that older systems need just as much protection as new ones.

Tea had a sudden rise in downloads

Before the breach, Tea saw an explosion in popularity and shot to the top of the free app charts. With growing attention and millions of new users, the platform became a viral hit almost overnight.

But this rise came with growing pains. Rapid downloads often pressure a company’s tech limits, and some cracks may have gone unnoticed. Critics say that Tea’s fast growth might have come at the cost of tight security planning and solid infrastructure.

DMs also accessed in the breach

Tea later confirmed that over 1.1 million private direct messages, dating from early 2023 through July 2025, were accessed in the breach. Some of these conversations dated back more than two years and involved personal exchanges between users.

After the discovery, Tea took down the entire messaging system to prevent further risk. Many users didn’t realize their old chats still existed in storage. The exposure of private conversations adds a new level of concern beyond just photos, especially for those who shared sensitive info in good faith.

No emails or phone numbers leaked

The company stressed that no email addresses, phone numbers, or contact details were shared in the breach. That has been one of the few pieces of good news during this entire situation.

Still, many users feel shaken knowing their pictures and posts were accessed. Even without contact info, the nature of the leaked content feels deeply personal. It reminds users that identity theft or embarrassment doesn’t always require names or numbers to cause harm.

Photos spread across shady websites

After the breach, stolen photos began circulating online through shady forums and pop-up websites. One site even encouraged strangers to rate the women seen in the exposed images.

Although the original website was quickly taken offline, screenshots and downloads spread rapidly. Once something is uploaded online, it can be copied and saved within seconds. That reality is now hitting hard for those whose photos were leaked without consent or warning.

Leaked map tied photos to locations

In a disturbing twist, anonymous posts on 4chan included an unverified map purportedly linking some images to geographic areas, raising stalking concerns.

Although it remains unverified, just the idea of such a tool existing frightened users; it showed how far these leaks can spiral out of control once released. People are now asking how anonymous safety apps could allow something this serious to happen.

Tea says law required photo storage

Tea said that the old verification selfies and images were saved to meet law enforcement standards. They were stored as part of cyberbullying investigations that required proof of identity.

The company admits the images should have been moved to a more secure system. While complying with legal advice, the failure to secure or delete those files left a major hole. Now, many are asking how apps should balance privacy with legal responsibilities.

Cybersecurity experts join the case

Tea hired outside cybersecurity teams immediately after discovering the problem. The FBI has also been contacted to help track the breach and figure out how it happened.

The company said they’re working around the clock to protect users going forward. Cybersecurity experts are reviewing all parts of the system, old and new. With so much on the line, the investigation could take time, but users are waiting for clear answers and lasting fixes.

Some say it wasn’t really a hack

Some tech experts are calling this more of a mistake than a hack. According to reports, the files were available through an open link that anyone could find if they looked hard enough.

The information wasn’t hidden behind strong passwords or encryption. That kind of basic failure has left many people stunned. A safety app with over a million users shouldn’t have left such a sensitive storage point unguarded.

Tea promises stronger app security

Tea has now moved all systems to a more secure platform. They say that users who joined after February 2024 are protected by better safety protocols already in place.

The company is also planning even more upgrades to its infrastructure. Their goal is to make sure this kind of breach never happens again. As trust wavers, Tea is focusing on improving fast while being more transparent about what went wrong.

Users offered free ID protection

To support those affected, Tea is offering free identity protection services. This includes tools to help people watch for fraud, credit misuse, or impersonation using their personal photos.

The company says it will notify users directly if their images were part of the breach. For now, people are being advised to monitor accounts and consider updating identification if needed. Many feel this gesture is helpful, but still want a stronger response overall.

Founder was inspired by his mom

Tea was created by Sean Cook, a software engineer who watched his mother face online dating risks. His goal was to build something that put women’s safety first in a world of unsafe apps.

The concept struck a chord with users and grew quickly. But that mission is now under fire as the platform’s own design choices exposed the very people it promised to protect. The founder is now under pressure to regain user trust fast.

Especially as convenience opens the door to new risks we barely notice, just look at how QR code scams explode as hackers trick millions with fake links.

Backlash adds to app’s challenges

Public reaction to the leak has been swift and emotional. Legal experts, privacy advocates, and former users are speaking out across social media and news outlets.

Some people are calling for accountability, while others are deleting the app altogether. The fallout could shape how people view safety-first apps in the future. For Tea, how they handle this moment might define their reputation for years to come.

While all tech giants rethink how to protect users in a rapidly evolving threat landscape, Google alerts on fraudulent Salesforce apps fueling hacks.

How do you feel about sharing personal data with dating apps? Drop your thoughts in the comments and hit like if digital privacy matters to you.

Read More From This Brand:

• COD Players Wrongly Banned After AntiCheat Hack
• Salt Typhoon telecom hack – FBI says ‘largely contained’
• Hackers Target Unpatched ServiceNow Bugs

Don’t forget to follow us for more exclusive content right here on MSN.

If you like this story, you’ll LOVE our Free email newsletter. Join today and be the first to receive stories like these.

This slideshow was made with AI assistance and human editing.