Tea, which not too long ago climbed to the highest of the App Store with over 4 million customers, permits girls to tag males’s relationship profiles with “red flags” for behaviors starting from ghosting and infidelity to sexual misconduct. Its rising reputation was fueled by a promise of security, transparency, and digital accountability in on-line relationship. But latest revelations recommend the platform failed to guard the very customers it sought to empower.

Last week, tech information outlet 404 Media reported that customers of the nameless message board 4chan had gained entry to a Tea database containing photographs, chat logs, and government-issued identification used throughout verification. Screenshots from the breach confirmed customers allegedly downloading and distributing the info, together with selfies and personal messages. At least 70,000 photographs are believed to have been compromised, based on safety researchers.

Tea initially acknowledged that the uncovered knowledge got here from an outdated storage system and was greater than two years outdated. However, follow-up reporting by 404 Media revealed that some leaked messages had been dated as not too long ago because the earlier week. The conversations included deeply private subjects reminiscent of abortions, infidelity, and cellphone numbers. Many chats, although linked to usernames, contained sufficient info—reminiscent of social media handles—for identities to be traced.

In a second breach, an impartial researcher found {that a} separate database allowed entry to much more latest messages. The identical vulnerability additionally permitted unauthorized customers to ship push notifications to the app’s full consumer base, elevating fears of coordinated harassment or misinformation.

Despite claims of encrypted communication and short-term doc retention, the repeated lapses have sparked broader issues in regards to the app’s infrastructure and transparency.

Tea’s core premise—permitting girls to anonymously share experiences with males—has drawn criticism from some who argue it invitations defamation. Now, that controversy has expanded to a far-reaching privateness disaster affecting customers of all genders.

As safety consultants assess the fallout, the incident has revived a bigger debate about security, consent, and knowledge safety within the quickly rising on-line relationship business. Neither Tea nor its guardian firm has commented on whether or not affected customers might be notified or compensated.