Women's ‘red flag' app Tea is a privacy nightmare
Tea was founded by software developer Sean Cook, who said he was inspired to create an anonymous whisper network after witnessing his own mother's 'terrifying' dating experiences with men. It was also heavily influenced by the rise of 'Are We Dating The Same Guy' Facebook groups and operates in a similar paradigm of sounding anecdotal alarms about men people have dated. The app surged in popularity to the top spot on Apple's App Store last week. Tea claims to have more than 4 million active users.
On July 25th, 72,000 images — including 13,000 selfies and driver's licenses, as well as another 59,000 images, that were published on the app — were breached, with many downloaded and posted publicly on 4chan. 4chan users initially posted images of four women's driver's licenses, redacting some personal information, but the firestorm of comments in the thread suggested that thousands of images were downloaded before the company was aware of the breach. Tea told 404 Media that it had launched 'a full investigation with assistance from external cybersecurity firms,' and that it was working with law enforcement 'to assist' in their investigation.
Tea was storing its users' sensitive information on Firebase, a Google-owned backend cloud storage and computing service. Since 2023, Tea no longer requires users to send in photos of their IDs for verification purposes. While the company initially insisted that the hack only affected its 'legacy' database and users who signed up before February 2024, according to the independent researcher and data trove reviewed by 404 Media, Tea remains unsafe, way beyond the scope of the original hack, and private messages sent as late as last week are accessible and vulnerable to further exposure.
Since Tea's surge in use among women, it's drawn more incensed criticism and ire among so-called 'men's rights' groups online.
Men who discovered they appeared on the app have called it a 'toxic' network. Some are going viral on TikTok and X, claiming that the assertions made about them are defamatory and wholly untrue. 'The issue is that people (women especially) won't see this as an issue until the male version of the app is created. I deserve to know my date's STD history, body count, etc.,' reads a top-rated comment on a thread in the subreddit r/MensRights. A retaliatory app featuring women was created shortly thereafter, called Teaborn, but it was promptly taken down after reports of users posting revenge porn.
Several cybersecurity and data privacy experts have called Tea's storage methods, which led to the initial hack, downright negligent.
'This data was originally stored in compliance with law enforcement requirements related to cyber-bullying prevention,' the company initially claimed in the statement provided to 404 Media.
Peter Dordal, a professor of online networks and security at Loyola University in Chicago, told The Verge that he believes the company's statement — that it was in compliance with the law — is 'misleading,' and that the company could have done more to prevent this cybersecurity nightmare. '[The statement] is misleading on two counts: first of all, law enforcement doesn't set requirements; that's the job of Congress and state legislatures. Tea didn't cite the actual legal requirement,' Dordal said. 'Second, if there was a legitimate legal need to retain these images, they shouldn't have been accessible online at all; they are clearly not needed for ordinary site activity.'
Dordal added that while it's commonplace for user data to be stored in the cloud, Tea should have taken measures to ensure that it could not be accessed by the public. Tea's terms and conditions also claim it deletes user data after verification, which it has apparently failed to do.
'Tea definitely had negligent security practices if the current reporting is true,' said Grant Ho, an assistant professor at the University of Chicago who researches computer security. 'A company should never host users' private data on a publicly accessible server, and, at a minimum, the data should've been stored encrypted.'
Andrew Guthrie Ferguson, a law professor at George Washington University and expert in Big Data surveillance, points out that a whisper network on the internet is no longer safeguarded like a real whisper network could be when it operates offline. Your data is no longer in your control.
'What changes when it's digital and recoverable and save-able and searchable is you lose control over it,' Ferguson said. 'You can't keep it within the confines of people you trust.'
Posts from this author will be added to your daily email digest and your homepage feed.
See All by Tanya Tianyi Chen
Posts from this topic will be added to your daily email digest and your homepage feed.
See All Analysis
Posts from this topic will be added to your daily email digest and your homepage feed.
See All Security
Posts from this topic will be added to your daily email digest and your homepage feed.
See All Social Media
Posts from this topic will be added to your daily email digest and your homepage feed.
See All Tech
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
19 minutes ago
- Yahoo
Amazon Warns AI Capacity Limits, Stock Retreats
Amazon (NASDAQ:AMZN) slid after its earnings call because Andy Jassy was blunt: AI demand is real, but the company can't just snap its fingers and supply enough capacity. Electricity and chip shortages are the choke points, and he said it will take several quarters to work through it, even if things slowly improve each period. Warning! GuruFocus has detected 5 Warning Signs with NVDA. He pushed back on the idea Amazon is losing the AI race and leaned into the spend$31.4Billion of AI-heavy capex in Q2 is the kind of run rate the back half is built on, with more going into chips, data centers and power. Tariffs haven't bitten yet in H1, he said, but who ends up paying higher U.S. rates later is still unclear. That caution rubbed some investors the wrong way. Lucas Ma of Envision Research warned the heavy investment and mounting competition from GOOG (NASDAQ:GOOG) and META (NASDAQ:META) could squeeze free cash flow, making capital allocation riskier if the AI arms race keeps accelerating. Amazon is chasing a big AI opportunity while bumping up against real limits, so growth hinges on execution and capital discipline. The next signs to watch are whether capacity actually ramps as promised and whether margin or cash flow pressure shows up once tariffs shift. This article first appeared on GuruFocus. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
19 minutes ago
- Yahoo
Super Micro Q4 Earnings Loom--Should You Buy, Hold, or Sell?
Aug 1 - Super Micro Computer (NASDAQ:SMCI) prepares to report fiscal fourth-quarter 2025 results on August 5, with analysts watching for a potential earnings surprise as the company leans on surging AI infrastructure demand. Wall Street expects revenue near $6 billion, slightly below the midpoint of management's prior outlook, and EPS estimates also reflect modest expectations. The San Jose-based server and data center solutions provider navigated a soft fiscal Q3 as revenue came in at $4.6 billion, up 19% year-over-year but just shy of forecasts. Management attributed the shortfall to customers delaying purchases amid the transition from Nvidia's (NVDA) Hopper to Blackwell GPUs, with deferred orders expected to contribute to a stronger Q4 and early fiscal 2026. Warning! GuruFocus has detected 7 Warning Signs with SMCI. Super Micro continues to expand globally, launching over 30 new Blackwell-based AI server solutions and forming a multi?year, $20 billion partnership with Saudi DataVolt to deploy ultra?dense GPU platforms in the U.S., U.K., and Saudi Arabia. With 9% share of the AI platform market and 31% in branded AI servers, the company positions itself for growth as liquid?cooled and high?density solutions drive demand. Investors now look for confirmation that Q3 was a reset, not a slowdown. Based on the one year price targets offered by 16 analysts, the average target price for Super Micro Computer Inc is $41.06 with a high estimate of $70.00 and a low estimate of $15.00. The average target implies a downside of -27.40% from the current price of $56.55. Based on GuruFocus estimates, the estimated GF Value for Super Micro Computer Inc in one year is $71.09, suggesting a upside of +25.71% from the current price of $56.55. Gf value is Gurufocus' estimate of the fair value that the stock should be traded at. It is calculated based on the historical multiples the stock has traded at previously, as well as past business growth and the future estimates of the business' performance. For deeper insights, visit the forecast page. This article first appeared on GuruFocus.
Yahoo
19 minutes ago
- Yahoo
Riot Rides Bitcoin To Profit, But Market Frets Over Slow Data Center Growth
Riot Platforms, Inc. (NASDAQ:RIOT) shares are trading lower on Friday. Riot reported second-quarter revenue of $152.99 million, beating analyst estimates of $147.65 million. The firm reported second-quarter earnings of 57 cents per share, beating estimates for a loss of 10 cents per the earnings release, JP Morgan analyst Reginald L. Smith reiterated the Neutral rating on the company. Smith notes that Riot's second-quarter results were largely in line with JP Morgan's expectations, with a modest sequential dip in revenue and cash operating profit due to seasonal curtailment that reduced bitcoin output. During the earnings call, management highlighted their long-term strategy to monetize Riot's power infrastructure through high-performance computing (HPC) data centers, starting with 600 MW at the upcoming Corsicana site set to launch in 2026. In the short term, Riot intends to continue leveraging its energy assets primarily for bitcoin mining while gradually preparing its 1.8 GW portfolio to cater to HPC clients. Smith believes Riot's infrastructure is well-positioned to support low-latency HPC workloads and sees promise in recent team expansions and site upgrades. However, he cautions that investors awaiting near-term colocation deals may need to stay patient, as Riot was relatively late to embrace the HPC model and such agreements typically require over nine months to finalize. Smith observes that management continues to see robust interest in power from hyperscalers, especially in key markets like Dallas, and is actively in discussions with potential partners. Riot's top focus is securing a tenant for its planned 600 MW build-to-suit data center at the Corsicana site, with 400 MW expected to be available in the first half of 2026 and the remaining 200 MW in the second half. The company has also made site-specific upgrades to support high-performance computing needs, including acquiring adjacent land and obtaining approval for a new water line. Smith notes that location is a key factor for hyperscalers evaluating new data center builds, and he believes Riot is well-positioned to meet the requirements of large-scale, low-latency HPC operations. However, since Riot only began seriously pursuing the HPC strategy in late 2024 and such deals typically require nine months or more to finalize, Smith does not anticipate a near-term colocation announcement. Price Action: RIOT shares are trading lower by 16.5% to $11.21 at last check Friday. Photo by T. Schneider via Shutterstock Latest Ratings for RIOT Date Firm Action From To Mar 2022 Compass Point Downgrades Buy Neutral Jan 2022 Northland Capital Markets Initiates Coverage On Outperform Jan 2022 Cantor Fitzgerald Initiates Coverage On Overweight View More Analyst Ratings for RIOT View the Latest Analyst Ratings Up Next: Transform your trading with Benzinga Edge's one-of-a-kind market trade ideas and tools. Click now to access unique insights that can set you ahead in today's competitive market. Get the latest stock analysis from Benzinga? This article Riot Rides Bitcoin To Profit, But Market Frets Over Slow Data Center Growth originally appeared on © 2025 Benzinga does not provide investment advice. All rights reserved.
