Tea, an app that was made exclusively for women, requires the user to prove their identity as a woman by presenting ID. However, it’s been discovered by a group of 4chan users that every woman’s personal data who signed up for it was put on a public server.
While this is technically a “data breach”, the information was always publicly available and has just been discovered by people who were looking for it.
Every single piece of identification used to sign up was stored in a public storage bucket, one that doesn’t even require password entry.
As a result, the information of everyone on the app should be considered compromised, with users using scripts to scrape and collect all of their data before the hole could be plugged.
Tea app uploaded users’ personal data to a public server
Tea Dating Advice is a women-only app that’s used to make sure that women are safe when trying to date on other apps like Hinge, Bumble, and Tinder, by allowing them to get advice from other women in their relationship.
Whether it be background checks, speaking with others to hear about their experiences with the person you’ve matched with, or just general dating advice, it was designed to make the online dating world a bit more secure for women.
However, as it turns out, the app has accidentally done the polar opposite. In order to access Tea, users are required to post full proof that they’re a woman before getting on the app.
This has to be a source of identification that indicates their gender, meaning most users would naturally gravitate toward uploading their license or state-issued ID. Almost 60GB worth of selfies and personal identification have been posted online.
Rather than putting this data on a secure server, Tea’s data was posted to a publicly accessible server that has already been discovered by users on 4chan. They publicly posted the links to both the public storage and a pastebin that allocated all the user data into one spot, telling people to check and see if they’re in it.
Tea has yet to comment on the data breach.
Sources Richer Than You Report How Much Splurging Was Worth It