Hackers on 4chan have triggered a major security crisis for the Tea app after leaking 13,000 user photos and IDs from the women-focused platform, Tea, which was designed as a safe space for women. The breach—revealed on Friday, July 25, 2025—has left users and privacy advocates stunned as tens of thousands of sensitive images, including government identification documents, surfaced online.
What Happened?
On Friday morning, administrators at Tea confirmed that a security vulnerability in their legacy data storage was exploited by hackers, exposing private data. Early investigations reveal that nearly 72,000 images were accessed without permission:
- 13,000 images: Selfies and photo IDs used for account verification, making them particularly sensitive.
- 59,000 images: User-uploaded images from posts, comments, and direct messages, many of which were visible within the app.
Tea stated that the incident only affects users who signed up before February 2024, since all the compromised data was pulled from older, non-integrated database systems. No email addresses, phone numbers, or newer user data have been reported leaked.
How Did the Leak Unfold?
The leak came to light after a user on 4chan claimed access to Tea’s internal files. Not only did this post make links to nearly 60GB of user data public, but it also included direct lists of file attachments belonging to users. After the story broke, Tea quickly locked down the exposed data and notified affected users via their in-app support chat.
Why Tea App Matters
Tea has rocketed to fame as the top free lifestyle and dating app on the US App Store with over 4 million users as of this week. It is unique in requiring identity verification for its female users, with the aim of preventing catfishing and fostering a safer dating environment.
App features include:
- Anonymous reviews and discussions about men in the dating pool.
- Tools such as AI-powered reverse image search, phone number lookups, and background checks.
- A focus on sisterhood and women’s safety, allowing users to flag concerning behavior and vet potential dates.
But this very focus on safety has amplified the damage of the breach. With thousands of government-issued IDs and women’s selfies posted publicly, trust in identity-verified platforms has taken a hit.
Tea’s Response
A company spokesperson stated:
“Tea has engaged third-party cybersecurity experts and is working around the clock to secure its systems. At this time, there is no evidence to suggest that additional user data was affected. Protecting Tea users’ privacy and data is their highest priority.”
Tea also reassured users that the vulnerability has been closed and the system’s security is being independently reviewed.
Key Details at a Glance
| Breach Details | Information |
|---|---|
| Number of images leaked | 72,000 (including 13,000 IDs/selfies) |
| Main platform responsible | 4chan (where links were shared) |
| User accounts affected | Only before February 2024 |
| Personal contact info leaked? | No emails or phone numbers exposed |
| Current status | Breach contained; security audit ongoing |
What Should Tea App Users Do?
- If you created an account before February 2024, consider updating your login credentials and monitoring for unusual activity.
- Avoid sharing further personal details until Tea confirms all security upgrades are complete.
- Watch for direct outreach from Tea or trusted sources regarding your exposure status.
The breach has ignited widespread debate about privacy risks in identity-verified apps and the responsibility of platforms designed to protect women’s safety.
Have you used the Tea app, or do you have concerns about digital privacy on women’s platforms? Share your thoughts below—your perspective could help others stay informed and vigilant in this fast-changing landscape.