Dating Advice Tea Suffers Major Data Breach: 72,000 Images and Private Chats Exposed
In a major setback to online privacy and digital safety for women, the women-only dating and advice app Tea has suffered a data breach that exposed over 72,000 user images, including government-issued IDs and selfies uploaded for verification. The breach also compromised sensitive private messages. Ironically, the app’s mission was to offer women a safer dating experience by filtering out predatory behavior and offering community-driven red flags. The breach has sparked outrage, legal scrutiny, and a heated debate over how such apps handle sensitive data.
On July 25, 2025, security researchers reported that Tea’s cloud storage, hosted on Google Firebase, was misconfigured to allow public access. As a result, over 72,000 private user images and other media were accessible to anyone with the link. The unprotected data was subsequently posted on controversial forums like 4chan.
Investigations revealed that around 13,000 images were ID or verification selfies, while 59,000 others included photos from posts, profiles, or direct messages. The exposed media was reportedly from users who registered before February 2024, indicating poor data retention practices. Alarmingly, some DMs included deeply personal content related to mental health, abuse, infidelity, and even abortion.
The data breach was initially discovered by 404 Media, who verified the unprotected storage buckets and contacted Tea. No email addresses or phone numbers were accessed, the company said, and the breach only affects users who signed up before February 2024. They are now working with third-party cybersecurity experts and law enforcement to investigate the breach.
The app received backlash by some claiming it is anti-men and an invasion of privacy. They fear that it puts men at risk of invasion of privacy and defamation, with women taking out their anger after a bad date, rather than exposing legitimate concerns.
The human impact of the breach is hard to quantify. Victims include women who shared real names and intimate stories in group chats or private messages. Some were involved in ongoing legal disputes, others discussed trauma, and now all fear being re-exposed or harassed.
However, as reported by VX-Underground on X, even over 12 hours after the compromise was reported, the Firebase instance remained accessible, and users could still upload data, seemingly contradicting the company’s claims of immediate remediation.
