634
Women Dating Safety App 'Tea' Breached, Users' IDs Posted to 4chan
(www.404media.co)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 25 Jul 2025
634 points (100.0% liked)
Technology
78482 readers
2592 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
This is what happens when you decide to vibecode a service with zero attention to safety or web development. This is why you don't immediately jump onto a new service without it being vetted properly. Now one of the worst communities on the Internet is in possession of over a hundred thousand women's driving licenses and faces. This is going to be an absolute disaster.
This is ALSO why no service should ever require or get my driver's license information. Fuck that. Also, yet another Constance to those who can't afford a car or want to improve the environment by living car free.
My only exception to that are uber drivers. But then again we live in an age where somehow better help has become popular, even though they sell your data.
I disagree on even that. It should be enough to have some trusted "notary" tick a box that they have verified your driver's license as valid. It should not be stored out sent anywhere at any time. Just showed to a human. Regularly, if needed.
Instead, just prove you have a credit card by submitting the details. Also totally safe. Be sure to include the CVV, please!
The only site I ever felt comfortable scanning shit like that into was a site that sold things only to military/medics/fire fighters so I had to upload my medic license and my FF cert.
Anything beyond that is a no go from me.
Now now, I like to shit on vibecoders too but let’s not pretend this is some new problem.
Idiots leave databases on cloud servers exposed all the time rather than deal with their companies often arcane rules for generating certificates
Remember when the government published SSNs in HTML? https://www.zdnet.com/article/missouri-will-not-prosecute-hacker-reporter-for-daring-to-view-state-website-html/
Where do you think the AI learned it?
Like, I get that competent coders do it too, but now any skiddie with an idea can cosplay as a developer so this is going to be so much more prevelant
That's not new, either.
To be fair, I’m not sure why firebase even has a public access option. That’s a recipe for issues.
Though if it’s anything like Google Cloud Store, they hopefully make it very clear that your bucket is public.
"Vibe coded" you just made that up didn't you, because you don't like llms. I don't see anything in the article about "Ai" and this service has been operating for 2 years.
The og 4chan post brought up the vibe coding. Using it as an insult to quality is wider spread than just lemmy.
Maybe I shouldn't have used the term vibe coded. I apologize.
Anybody oblivious enough to create something like this isn't someone you should trust your most private data with. This service had red flags from the concept phase, never mind the execution.
This is not to say, of course, that the victims deserved it. It just really sucks that they had to learn this lesson this way.