LAINWIRED.NET

DAILY DOSE OF STUPIDITY

Your opinion is bad and you should feel bad.

DDOS X: Women dating safety app 'Tea' breached, users' IDs posted to 4chan
by Alhazred

July 25, 2025

Tea is a mobile application that instantly became famous. It is a female-centric app (i.e. one has to verify they are a female to use it) whose purpose is "to give women the tools they need to date safely in a world that often overlooks their protection". To translate this mission statement, it's an app for women to discuss their recent dates and ideally warn other women anonymously whether or not their date/ex was/is abusive, red flags etc. More realistically, it's a gossip/doxxing app for women. Earlier today, Tea was "hacked" and all the user data, including photos, IDs and what have you were leaked to 4chan, an imageboard website that is rather infamous on the wider Internet. Hacked here is used very, very liberally, as all the user data that was leaked was actually stored in a public bucket. No authentication necessary, just the data on a bouffet platter.

One finds it hard to feel sad about the users of an app that intrudes on privacy even more than Pokemon Go (remember that?), especially taking in consideration potentially foul intentions, but still once one gets past the initial wave of karmic Schadenfreude, the questions pile up. How could an app that was active for 2 years (prior to its meteoric rise in fame) have such flawed security? If it was created yesterday, I would just say "it was vibe-coded into existence" and probably been accurate. As a matter of fact, had I to guess, the surge in popularity might have forced the Tea team to move their storage from a potentially more "secure" position to its public bucket position, and since the move was recent AI could have been involved there too. Or alternatively, it was always faulty but nobody paid too much attention to it. There are other things that point to this as well - the pictures uploaded to it did not have metadata stripped, which allowed other 4chan users to more or less map the images to a map in the US for all to see who your local neighborhood gossip girl is.

Regardless, on the Website of the true Hackers, people discuss what one expects - dating advice. Dating apps are bad, the users had it coming, how is this legal (it bears noting that in the United States the first amendment allows for one to state their opinion on another person, as is posting pictures of another person online, making at least a large chunk this app legal). A brave Hacker considers that really, it's the mishandling of user data that is the major crime here - as in, it should be outlawed. I personally think that you should avoid uploading a picture of yourself and your driver's license on whatever app happened to be popular that week, but what do I know.

Shockingly, some Hackers take note of the irony of such timing - today is the day that the UK's Online Safety Act goes into effect, which essentially forces a large portion of websites that serve content to users in the UK to also gather data, such as IDs, from them, in order to ensure they are adult users. A data breach like this, as far as I care, symbolize the future failings of this bill. But more on that on a future Daily Dose of Stupidity.

Welcome to the Wired

Do you find yourself saying: "I haven't had enough"?

Then you may find older DDOS entries in the archive.

This website was created out of a misplaced sense of nostalgia, too much free time and truly baffling aesthetic sensibilities. We hope you enjoy your time here.

If you hate the idea of using this eyesore of a website but still find value in its content for whatever reason, RSS will be coming soon (TM).

Kyurems webroom WIRED COLLECTIVE WEBRING