Latest news with #ScottCole
Express Tribune
5 days ago
- Express Tribune
Tea app faces 10 class-action lawsuits after data breach exposes user identities and private messages
The Tea app, a platform launched in 2023 to help women share safety information about men in their area, is now the subject of 10 class-action lawsuits in federal and state courts. The legal action follows a July 2025 security breach in which hackers accessed and leaked sensitive user data. The breach exposed 72,000 images, including 13,000 verification photos and government IDs, as well as 1.1 million private messages containing personal details such as phone numbers and legal names. In response, Tea disabled its direct messaging feature and offered free identity protection services. However, the lawsuits claim that the company failed to safeguard user data and violated contractual promises to protect anonymity and delete verification information. Lawyer Scott Cole, representing plaintiff Griselda Reyes and four other women, told NBC News that many users fear long-term repercussions from the leak. One lawsuit also names 4Chan, Teaspill, and X as defendants, alleging they facilitated the spread of the stolen information to harass targeted users. Four of the suits seek $5 million each in damages for harassment and doxxing, with experts warning the total compensation could reach hundreds of millions. Vanderbilt Law School professor Brian Fitzpatrick told NBC News that beyond financial penalties, the incident could severely harm Tea's reputation and user trust. The lawsuits mark a significant challenge for the app, which was originally promoted as a safe space for women to communicate about potential threats in their community. With legal proceedings underway, the outcome could set a precedent for accountability in online safety platforms.
NBC News
05-08-2025
- Business
- NBC News
10 women have sued the Tea app after user photos were hacked and leaked online
The Tea app, made for women to anonymously share information about men in their areas with other women, has been hit with 10 potential class action lawsuits in federal and state courts after a data breach led to the leak of thousands of selfies, ID photos and private conversations online. All of the lawsuits allege that Tea Dating Advice Inc., the company that created the Tea app, was negligent in its data practices and breached a contract with its users. The suits could result in Tea having to pay tens of millions of dollars in damages to the plaintiffs, which could be catastrophic for the company, an expert told NBC News. A Tea spokesperson declined to comment on the lawsuits. The app gained popularity in late July and climbed to the top of the Apple App Store as many women sought to share information with other women about men they were dating or had dated. The app allows its users to upload photos of men, deem them 'red flags' or 'green flags' and share other information about them. As of Tuesday, the app was still ranked third on the Apple App Store's top free apps list. To join the app, users are required to take verification photos, which Tea has said are deleted after they are submitted. A Tea spokesperson previously told NBC News that 'this data was originally stored in compliance with law enforcement requirements related to cyberbullying prevention.' The first breach occurred July 25. A Tea spokesperson has told NBC News that it consisted of about 72,000 images, 59,000 of which were images in which posts, comments and direct messages were viewable. 404 Media reported two days later that Tea had experienced a second security issue, in which more than 1.1 million user direct messages, spanning from early 2023 to last month, were exposed. Tea had confirmed to NBC News that a breach occurred in which 'some direct messages (DMs) were accessed as part of the initial incident.' Scott Cole, a lawyer who is leading a lawsuit against the app, said his client, Griselda Reyes, signed up for the app only days before the breach happened. The suit says that Reyes had received a notice from Tea that her data was involved in the breach and that as a result, she has since taken action to explore 'credit monitoring and identity theft insurance options.' A Tea spokesperson previously said the breach would have given access to a 'dataset from prior to February 2024.' On Tuesday, a judge granted a motion an anonymous plaintiff had filed for her case to be combined with Reyes' and three others. 'Her particular concerns have more to do with information that she has shared with others on the site and how that might come back to haunt her in the future, and I think that's probably the No. 1 concern that I've heard directly or indirectly from users,' Cole said. One of the suits lists the right-wing online discussion board 4chan and the social platform X as defendants, alleging that they allowed bad actors to spread users' personal information. The day before the breach, users on 4chan had called for a 'hack and leak' campaign. On the day of the leak, a 4chan user had posted a link that the suit alleges allowed people to download the database of images, some of which appeared to later circulate on X. On X, users began to circulate a link to a website called TeaSpill that allowed people to rank the photos of the women based on attractiveness. X and 4chan did not respond to requests for comment. The plaintiff in the suit against Tea, X and 4chan, who is listed anonymously as Jane Doe, joined the app 'to anonymously warn other women in her Northern California community about a man who sexually assaulted at least two other women.' 'The app promised her that anonymity. It promised her safety. It promised to delete her verification data. Tea broke every one of those promises,' the suit reads. Five of the plaintiffs in the suits are named, while five are listed anonymously as Jane Doe. John Yanchunis, an attorney for a user who filed another case anonymously as Jane Doe on Thursday, said his client has faced immense harassment online because of the breach. 'Because of the breach, some very sensitive information became publicly available, and that led certain individuals to engage in online harassment,' he said. 'That's been devastating to her, as it would be to any individual to be the subject of ridicule. She has suffered emotional distress and has had to take steps to ensure that she can defend as best she can against both the attacks as well as the ongoing threat to identity theft.' Brian Fitzpatrick, a professor at Vanderbilt Law School who specializes in class action suits, said it can be easy to prove that defendants are liable for data breaches in similar class action lawsuits but harder to prove damages, such as that people's data is being used maliciously. But Fitzpatrick said the ways users have been circulating Tea users' information online, including one who is alleged to have created a map with Tea users' home addresses, Tea could have a harder time fighting damage claims. At least four of the suits seek at least $5 million in damages, though the amounts awarded could climb much higher. Fitzpatrick said that, as in many data breach suits against major companies like MGM Resorts and T-Mobile, settlements can reach hundreds of millions of dollars. He said such cases typically involve millions of class members, who usually divide the settlement money. For a smaller company like Tea, which, according to its LinkedIn page, has only five employees, an adverse ruling could be extremely detrimental, meaning higher checks for the suit's class members since its user base is still relatively small compared with those of larger companies. 'We may not know if it will become an actual as opposed to potential class action for months or even years,' Fitzpatrick said. 'All the class members are automatically included. They will be given an opportunity to opt out, but if they do not, they are included.' Many of the suits have classified their class members as those who are 'similarly situated' as the plaintiffs. One of the suits reads that its class members 'are so numerous that joinder of all members is impracticable,' but that it estimates that it is 'composed of millions of individuals who have been damaged' by the Tea app. The company's founder, Sean Cook, said in a Medium interview in May that he started Tea after he saw his mom's dating experiences, including 'how easy it was for catfish, scammers and criminals to take advantage of women on dating apps and how little traditional dating apps do to protect users.' According to his LinkedIn page, Cook created and 'self-funded' Tea in November 2022. Before that,he worked in technology in San Francisco since 2019. Yanchunis and Cole said it is difficult to estimate how much a suit against Tea could be settled for, as the numbers of class members for the suits are still developing. Tea's website says the app has over 6 million users. 'It could be more of an existential threat to their existence,' Fitzpatrick said. 'Not maybe so much because of the amount of money that they might have to pay, but just because, I think, this is awful for their reputation. I don't know if people are going to trust them anymore, and so they might lose all their users.' Yanchunis said these cases differ from many other data breach cases because of the sensitivity of the information. 'What's unique here is the way this app promoted the safety and security of the platform, and so people in this type of app are going to reveal things that they might not otherwise reveal at large,' he said. 'I might tell a girlfriend something that I wouldn't tell anybody else, because we're in a close relationship. So that kind of information through this app can be disclosed, and it could be very devastating when it's revealed, as it was in this situation.' A user of the app, who requested anonymity because of safety concerns, told NBC News that they had been on the app since late 2023 and had felt very anxious and paranoid since the breach. 'Originally, the app was started for women, and I don't think they should have told the men about it,' the user said. 'People should feel free to join the app and read the interesting comments, and if not, then you take that app down.'
Express Tribune
30-07-2025
- Business
- Express Tribune
Tea app hit with lawsuits after data breach exposes 72,000 images and private messages
The viral Tea app, which allows women to anonymously review men, is now facing two class-action lawsuits following a massive data breach that exposed sensitive user data, including private messages and over 72,000 images. Both lawsuits, filed in the Northern District of California, allege that Tea failed to adequately protect user information. The leaked data reportedly included selfies, government IDs submitted for verification, and personal conversations. One lawsuit, filed on behalf of Griselda Reyes, accuses Tea of negligence and breach of implied contract. 'I think they were just sloppy,' said lead attorney Scott Cole, noting the app's rapid viral growth may have outpaced its security infrastructure. The suit seeks damages and demands that Tea implement better encryption and delete stored user data. The second lawsuit, filed on behalf of an anonymous Jane Doe, describes an even more disturbing scenario. Doe claims she used the app to anonymously warn others about a local sexual predator, believing her identity and submitted documents would be kept private. Instead, the suit claims, Tea "broke every one of those promises." This second suit also names social platforms X (formerly Twitter) and 4chan, accusing them of allowing the stolen data to spread further. A Tea spokesperson has said the company is identifying affected users and will provide free identity protection. However, legal experts suggest additional lawsuits may follow as more users come forward. The Tea app recently reached the No. 1 spot in the Apple App Store before dropping to second behind ChatGPT. Its features include anonymous reviews, dating advice, and premium services like background checks and reverse image searches.
Associated Press
05-02-2025
- Business
- Associated Press
Cole & Van Note Announces Filing of NorthBay Healthcare Group Data Breach Class Action
Scott Cole, class action veteran and founder of Oakland-based Cole & Van Note, announces the filing of a class action lawsuit against NorthBay Healthcare Group for negligence, invasion of privacy and related violations arising out of the health care provider's recent high-profile data breach. The personal information – including names, Social Security numbers, medical information, biometric information, financial account numbers and usernames and passwords of over 569,000 NorthBay Healthcare Group patients was compromised in the massive data breach announced by NorthBay Healthcare Group on January 30, 2025 yet known to the organization for approximately a year prior. 'The combination of biometric, financial and medical data that were accessed in this data hack makes this situation unique,' says Scott Cole, the principal attorney on the case. 'Despite hundreds of data breaches every year in this country, most do not involve such highly sensitive patient information as was obtained here.' The lawsuit claims NorthBay Healthcare Group maintained inadequate security measures for detecting and addressing the cyber-attack, especially given knowledge of such threats that routinely plague the healthcare industry. In addition to monetary damages, the suit demands NorthBay Healthcare Group implement and maintain sufficient security protocols going forward so as to prevent future attacks. Of the numerous cyber-attacks, a growing percentage of them target health care facilities and patient records, given that such sensitive information is highly valuable to cyber criminals. Two lawsuits were filed entitled Johnson, et al. v. NorthBay Healthcare Group (Superior Court of Solano County, Case No. CU25-01062).) and Shaw, et al. v. NorthBay Healthcare Group (U.S.D.C., Eastern District Case No. 2:225-cv-00412-CKD).). For more information about these cases, please contact Cole & Van Note at [email protected] or (510) 891-9800. ABOUT COLE & VAN NOTE Since its inception in 1992, Cole & Van Note has litigated countless matters against businesses of all types, and in nearly every industry imaginable. It engages in California-based and nationwide litigation as a well-known and widely-respected member of the country's legal community. For decades, the firm has recovered hundreds of millions of dollars for countless workers and consumers, has been involved in record-setting resolutions and corrected numerous unlawful practices. Copyright Business Wire 2025. PUB: 02/04/2025 07:06 PM/DISC: 02/04/2025 07:06 PM
