Private messages on Tea, the anonymous dating advice app, were exposed in a recent data breach
Last week, the app acknowledged that it had experienced a data breach of about 72,000 images, including users' photos and driver's licenses.
Now, a Tea spokesperson tells Business Insider that the company "recently learned that some direct messages (DMs) were accessed as part of the initial incident."
"Out of an abundance of caution, we have taken the affected system offline," the spokesperson added.
Security researcher Kasra Rahjerdi told BI that he was able to access more than 1.1 million private messages between Tea's users, including "intimate" conversations about topics like divorce, abortion, cheating, and rape. Some chats included details like phone numbers and locations to meet up, Rahjerdi said. The chats were from February 2023 through July 2025.
404 Media first reported on Rahjerdi's findings.
Rahjerdi told BI that he accessed Tea's app data using Firebase, an app development platform. Rahjerdi said he was able to access real-time data until about 4 a.m. ET on July 26th.
It's not clear if others had accessed this data with the intent to leak or otherwise use it.
Rahjerdi said Tea "did do a lot of really good security stuff on the code they wrote themselves," describing the company's own API as "very secure."
The problem was that Tea used Firebase to store its data, Rahjerdi said, adding that Tea "didn't do the same work there."
"We are working to identify any users whose personal information was involved and will be offering free identity protection services to those individuals," the Tea spokesperson said.
Before news of its data breach broke on Friday, the app had soared to the top of the Apple App Store last week, hitting the top spot. On Monday, it was No. 2 on the chart.
On Tea's website, it says it has a "community of over 4,647,000 women."
In addition to anonymously reviewing men with "red" or "green" flags, the app also lets women seek dating advice and access tools like background checks.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
New York Post
44 minutes ago
- New York Post
Tea app takes messaging system offline after DMs exposed in security breach
Tea, a dating discussion app that recently suffered a high-profile cybersecurity breach, announced late Monday that some direct messages were also accessed in the incident. The app — designed to let women safely discuss men they date — rocketed to the top of the U.S. Apple App Store last week but then confirmed on Friday that thousands of selfies and photo IDs of registered users were exposed in a digital security breach. 3 The app confirmed on Friday that thousands of selfies and photo IDs of registered users were exposed in a digital security breach. REUTERS Advertisement 404 Media was the first to report on this second security issue, citing an independent security researcher who found it was possible for hackers to access messages between users discussing abortions, cheating partners, and phone numbers. In a statement posted on its social media accounts, Tea said it 'recently learned that some direct messages (DMs) were accessed as part of the initial incident.' 3 Tea said it 'recently learned that some direct messages (DMs) were accessed as part of the initial incident.' Instagram / @theteapartygirls Advertisement 'Out of an abundance of caution, we have taken the affected system offline,' the app said. 'At this time, we have found no evidence of access to other parts of our environment.' It is currently unknown how many messages were left exposed by the vulnerability. 3 It is currently unknown how many messages were left exposed by the vulnerability. @ryanasanchez /X Tea has said about 72,000 images were leaked online in the initial incident, including 13,000 images of selfies or selfies featuring a photo identification that users submitted during account verification. Another 59,000 images publicly viewable in the app from posts, comments and direct messages were also accessed without authorization, a spokesperson said last week. Advertisement No email addresses or phone numbers were accessed, the company said, and the breach only affects users who signed up before February 2024.
Business Insider
an hour ago
- Business Insider
KPMG tells staff to work from home in internal memo after Midtown shooting: 'a terrible, tragic, and frightening event'
KPMG told staff that its 345 Park Avenue office will remain closed on Tuesday, after a shooting in the midtown Manhattan office building on Monday evening left four people dead. In a memo sent to staff at 11:04 p.m. on Monday, the Big Four consulting firm told staff to plan to work from home or another KPMG office on Tuesday. The memo, which Business Insider has seen, was signed by Yesenia Scheker Izquierdo, the managing partner for KPMG's New York office. KPMG has offices on several floors of the office block at 345 Park Avenue. On Monday evening, 27-year-old Shane Tamura was captured on security camera footage entering the building with an M4 rifle. He opened fire in the lobby and proceeded to the 33rd floor, the office of Rudin Management, a real estate company and the owner of the property. Among the four victims were an NYPD officer and an executive at the asset management firm Blackstone. Tamura was found dead at the scene. In the memo sent to staff that evening, KPMG called the shooting "a terrible, tragic, and frightening event." "Our hearts go out to the victims of this horrific act and their families. We are incredibly grateful for the bravery of building security and law enforcement, who continue to investigate, clear the building and evacuate remaining personnel," the memo said. The firm said in the memo that the 345 office would remain closed on Tuesday "in support of law enforcement continuing their activities." "Firm and New York leadership are working closely with security, law enforcement, and people relations to make sure we connect with and account for all personnel in our NYC offices," the firm told staff. "We will communicate when the office is open, and understand you may have left belongings in the office," the memo continued. A KPMG spokesperson confirmed to BI that the office was closed on Tuesday and that employees could work from home. "At this time, we are not aware of any significant physical injuries to our KPMG colleagues," the memo said. In the memo, KPMG advised employees to respond to the "emergency text messages sent to everyone at KPMG in NYC." A KPMG employee told BI that two messages were sent to their corporate phone on Monday evening at around 7 p.m. asking them to confirm whether they were safe or needed assistance. "This is KPMG. Law enforcement is onsite at 345 Park. Please continue sheltering in place until given further instructions by onsite law enforcement," the second of the messages said, according to a screenshot seen by BI. "Press 1 if you are okay and press 2 if you need assistance."
WIRED
an hour ago
- WIRED
Meta Is Going to Let Job Candidates Use AI During Coding Tests
Jul 29, 2025 9:00 AM Mark Zuckerberg has said vibecoding will be a major part of Meta's engineering work in the near future. The Meta AI feature in the WhatsApp app on a smartphone. Photograph:Meta told employees that it is going to allow some coding job candidates to use an AI assistant during the interview process, according to internal Meta communications seen by 404 Media. The company has also asked existing employees to volunteer for a 'mock AI-enabled interview,' the messages say. It's the latest indication that Silicon Valley giants are pushing software engineers to use AI in their jobs, and it signals a broader move toward hiring employees who can vibecode as part of their jobs. 'AI-Enabled Interviews—Call for Mock Candidates,' a post from earlier this month on an internal Meta message board reads. 'Meta is developing a new type of coding interview in which candidates have access to an AI assistant. This is more representative of the developer environment that our future employees will work in, and also makes LLM-based cheating less effective.' 'We need mock candidates,' the post continues. 'If you would like to experience a mock AI-enabled interview, please sign up in this sheet. The questions are still in development; data from you will help shape the future of interviewing at Meta.' This article was created in partnership with 404 Media, a journalist-owned publication covering how technology impacts humans. For more stories like this, sign up here. Meta CEO Mark Zuckerberg has made clear at numerous all-hands and in public podcast interviews that he is not just pushing the company's software engineers towards using AI in their work, but that he foresees human beings managing 'AI coding agents' that will write code for the company. 'I think this year, probably in 2025, we at Meta as well as the other companies that are basically working on this, are going to have an AI that can effectively be a midlevel engineer that you have at your company that can write code,' Zuckerberg told Joe Rogan in January. 'Over time we'll get to a point where a lot of the code in our apps and including the AI that we generate is actually going to be built by AI engineers instead of people engineers … In the future people are going to be so much more creative, and they're going to be freed up to do kind of crazy things.' In April, Zuckerberg expanded on this slightly on a podcast with Dwarkesh Patel, where he said that 'sometime in the next 12 to 18 months, we'll reach the point where most of the code that's going towards [AI] efforts is written by AI.' While it's true that many tech companies have pushed software engineers to use AI in their work, they have been slower to allow new applicants to use AI during the interview process. In fact, Anthropic, which makes the AI tool Claude, has specifically told job applicants that they cannot use AI during the interview process. To circumvent that type of ban, some AI tools promise to allow applicants to secretly use AI during coding interviews. The topic, in general, has been a controversial one in Silicon Valley. Established software engineers worry that the next batch of coders will be more AI 'prompters' and 'vibecoders' than software engineers, and that they may not know how to troubleshoot AI-written code when something goes wrong. 'We're obviously focused on using AI to help engineers with their day-to-day work, so it should be no surprise that we're testing how to provide these tools to applicants during interviews,' a Meta spokesperson told 404 Media.
