Hackers Breach the Tea App, Leaking on 4CHAN 13,000 User Photos and IDs, From a Platform Meant for Women’s Safety

What caused the Tea App data breach to expose 72,000 images?

Imagine signing up for an app meant to keep you safe, only to find your personal information shared across the internet.

This is the reality for thousands of women who used the Tea app, a platform designed as a secure space to share dating experiences.

A recent cyberattack has left users vulnerable, sparking concerns about online privacy and safety.

What happened, and how did a tool meant to protect women become a source of risk?

What Happened in the Tea App Data Breach?

The Tea app, popular for allowing women to anonymously review men they’ve dated, was hit by a major security breach in July 2025. Hackers accessed a database containing 72,000 images, including 13,000 selfies and government-issued IDs used for account verification.

These images, which the app promised to delete after review, were stored in an outdated system. Another 59,000 images from posts, comments, and direct messages were also stolen.

The breach affected users who joined before February 2024, but no email addresses or phone numbers were exposed, according to Tea’s statement. The company has since hired cybersecurity experts to fix the issue and secure its systems.

A second security flaw, reported by 404 Media, allowed access to over 1.1 million private messages sent between users from early 2023 to July 2025. Some messages contained sensitive details, making it easy to identify users.

While it’s unclear if these messages were leaked online, the discovery raised further alarms about the app’s security measures. Tea took the affected systems offline to prevent more damage.

The Fallout and User Risks

The stolen data quickly spread across platforms like 4Chan and X, where hackers shared selfies and IDs. Some even created a Google Map claiming to show the locations of affected users, though no names were attached.

A now-deleted website reportedly allowed people to rate the leaked selfies, turning a privacy violation into online harassment. These actions have heightened fears of identity theft, stalking, and doxxing among users.

Tea’s promise of anonymity and safety has been shattered. The app, which surged to the top of the Apple App Store with over 4 million users, now faces backlash. A class-action lawsuit filed by user Griselda Reyes accuses Tea of failing to protect personal information. Many users are questioning whether their data is safe, and some remain stuck on waitlists, unable to access the app.

What’s Next for Tea and Its Users?

Tea has pledged to strengthen its security and is working with law enforcement to investigate the breach. The company is also offering identity protection services to affected users. However, the damage to its reputation may be hard to repair.

Experts warn that apps collecting sensitive data, like IDs, must prioritize robust security to prevent such incidents. For users, this breach is a reminder to be cautious about sharing personal information online, even on platforms marketed as safe.

This incident has sparked a broader debate about online privacy and the risks of identity verification processes. As women seek tools to navigate dating safely, the Tea app’s failure shows the importance of balancing security with user trust.

The road to rebuilding that trust will be long, but it starts with transparency and stronger protections.

You might also want to read: A Woman Archived Over 300,000 Hours of TV on 71,000 VHS Tapes Across 35 Years. She Was Afraid People Would Rewrite History