Unauthorized cyber intrusion released personal data of 13,000 users, including photographs and identification details, from the Tea app, marketed as a secure haven for women.
Tea App Suffers Second Major Security Breach
In a troubling turn of events, the women-only dating and discussion app Tea has suffered a second major security breach. This breach, separate from the initial incident, exposed over 1.1 million private messages exchanged between users, containing sensitive conversations about phone numbers, abortions, and unfaithful partners.
The breach, which occurred between early 2023 and as recently as July 2025, allowed a security researcher to access an entirely different database than the one involved in the first incident. The initial breach had compromised approximately 72,000 sensitive images, including selfies and government-issued ID photos submitted for identity verification.
The second breach poses a significant privacy risk, as it reveals intimate and sensitive personal details, including users' private conversations about deeply personal topics and contact information. Since Tea is a platform for women to discuss men and share warnings about potentially abusive partners, unauthorized exposure of these messages could put users at risk of harassment, blackmail, or other harms.
In response to the breach, Tea has disabled its direct messaging service and taken affected systems offline while they investigate and address the issue. However, experts have criticized Tea's security practices as inadequate, and users are advised to exercise caution when sharing sensitive data on such platforms.
A Closer Look at the Second Breach
| Aspect | Details | |----------------------|---------------------------------------------------------------------------------------------------| | Nature of breach | Unauthorized access to a separate database exposing 1.1 million private messages | | Data exposed | Private conversations including phone numbers, abortion discussions, and unfaithful partner info | | Timeframe of data | Early 2023 through July 2025 | | Relation to first breach | Separate from initial hack that exposed 72,000 images and data before February 2024 | | Potential impact | Privacy violation; emotional harm; risk of harassment, blackmail; exposure of sensitive personal data | | Tea's response | Disabled direct messaging; took systems offline; ongoing investigation |
This second breach underscores the serious security shortcomings in the Tea app and the risks users face, even on platforms designed to enhance safety. As the investigation continues, users are encouraged to be vigilant and cautious when sharing personal information online.
References
- The Verge
- TechCrunch
- Wired
- BBC News
- The second Tea app breach, occurring between early 2023 and July 2025, highlights the need for improved cybersecurity measures in data-and-cloud-computing, particularly when sensitive personal information is involved.
- This latest breach, a crime-and-justice issue, has potential implications for general-news outlets, as it sheds light on the vulnerabilities of technology platforms and the risks they pose to users' privacy and safety.
