WASHINGTON: The women-only dating advice app Tea has temporarily disabled its direct messaging feature after multiple security breaches exposed users’ personal information and private conversations. The company announced the suspension on TikTok, citing an “abundance of caution” following the discovery of the vulnerabilities.
The decision comes after tech publication 404media reported last week that Tea had accidentally leaked the names, selfies, and identity documents of thousands of women. A follow-up report on Tuesday revealed that private messages—including discussions about abortions and infidelity—were also compromised.
With 4.6 million users, Tea markets itself as a “dating safety platform” designed to help women avoid dishonest or dangerous men. The app encourages anonymous sharing of details about potential dates, allowing users to flag men as risky or trustworthy. “Everything is anonymous,“ the app assures users upon sign-up. However, Reuters found that selfies and ID card data remained publicly accessible, though the reason for this exposure remains unclear.
In a TikTok statement, Tea confirmed that the FBI is investigating the breach. The FBI declined to comment when contacted by Reuters.
Eva Galperin, cybersecurity director at the Electronic Frontier Foundation, criticized the app’s security measures, calling its anonymous whisper-network model “a little bit sketchy.” She added that the developers worsened the situation by being “honestly negligent” with user data, particularly given the sensitive nature of the information shared. - Reuters
