Final week, the relationship security app Tea skilled a data breach, exposing 72,000 delicate photos containing selfies and picture IDs for account verification, in addition to photos from posts and messages. The non-public information was reportedly shared by customers on 4chan.
As now reported by 404 Media, a second security problem uncovered extra person information, prompting the app to disable its direct messaging function on Tuesday afternoon.
Earlier this week, 404 Media acquired a tip from impartial security researcher Kasra Rahjerdi, together with messages between customers sharing telephone numbers and discussing abortions and untrue companions.
The app — created to offer a platform for girls to trade details about males they’ve dated — launched an announcement final week concerning the preliminary breach, stating that it solely affected customers who signed up earlier than February 2024. Rahjerdi’s findings revealed messages from early 2023 till as much as final week, with greater than 1.1 million messages recorded.
Seemingly in response to the report, Tea introduced on Instagram that it has quickly disabled its direct messaging function. The corporate acknowledged that “Out of an abundance of warning, we have now taken the affected system offline,” seemingly as a precaution following the second security incident.
Tea, which launched in 2023 however has since gained huge consideration, presently ranks No. 2 on the Apple App Retailer’s prime free app chart. In response to estimates from Sensor Tower, the app has round 2 million month-to-month lively customers as of this month.
This story was up to date to incorporate the app’s announcement on Instagram and Sensor Tower estimates.
Techcrunch occasion
San Francisco
|
October 27-29, 2025
