Everyone is talking about the poor security practices, which is fair. Or they are talking about the appropriateness of such an app existing, which is also fair.
But the immediate take away should be, especially in today’s political environment, that we cannot and should not trust sensitive data that leaves our device, particularly if you are of any kind of non privileged group.
the entire UK government disliked this comment
The UK government can shove it up their fucking arse.
Sincerely, A UK citizen.
And here's your daily reminder that the OSA was introduced, championed and passed by the Tories in 2023 despite outcry. Sunak even said at the time it was a problem for the "next Parliament" to deal with. Now they're trying to blame Labour.
Here is your reminder that Labour supported it.
This has been the case for a long time, so suddenly you have apps like Tea that encourage you to upload info of other people. So now even the few that take care not to upload their info can be nicely monitored. And the Gestapo does not even need to pay their informants for it.
And also men are vicious trash goblins.
This sounds like victim-blaming. This website didn't even secure their database with a password. Come on. I'm sure their privacy policy gave the standard promises about storing their private data in a secure way, which they did not do.
Encouraging people to be safe and care about their privacy on the internet is not victim blaming.
I'm sure their privacy policy gave the standard promises about storing their private data in a secure way, which _they did not do. _
This is what people want to warn others of. The developers of Tea are hardly the only offenders. Definitely not an example of victim blaming.
In the current environment, at-risk people (women, immigrants, etc) who might have “at-risk” activities (abortion, immigration, etc) don’t have the luxury of relying on a privacy policy. I am not blaming them, I am simply stating how it must be if they are to avoid adverse actions.
This particular instance involved poorly secured data; what happens when warrantless demands are made by the government?
The Tea debacle proves that sensitive data cannot be trusted once out of your hands.
I agree. The reality is that nobody should be trusting these platforms with such sensitive data. As demonstrated, there is so much that can go wrong when you trust these companies. This is a LOT of risk for very little reward.
Whatever you put online you should think "what if this were made public and attributed to me" before you post it.
The company should be sued into the ground. This is horrendous
In any other engineering discipline this would he negligence.
At least some of the negligence is on Google, for the atrocious default security settings in Firebase
The vulnerability is called hospital gown because they leave the back end wide open by design. It's not even a traditional vulnerability, since it's technically working as intended
In fairness if you leave Firebase in its default settings it won't shut up about it.
You get warnings on the website, and constant emails telling you that you're being a pillocked.
Both the company, for failing to protect its users; and a large majority of its users, for doxxing and libel.
Its unfortunate that it happened this way, but now the people who are being libeled against and doxxed have the ability to find out about it where they didn't before.
I'm not going to hold it against women for having a private group to tell on predatory dudes when this existed and nobody ever faced any consequences. What We Learned About the 70K-Person Telegram Channel on How to Rape Women
Arguing that tea was for "telling on predatory dudes" is like saying backdooring encryption is to catch people spreading CP.
This is some Grade-A whataboutism right here.
Of COURSE the people in that group chat deserve punishment, and probably the same 20 years that French(?) guy got depending on who all did what.
Just because that happened though doesn't excuse that this happened. The company did a horrendous thing by holding onto highly sensitive and private data it said it should have deleted and then failed to secure it in any way, AND the userbase was absolutely vile and abusive towards men.
All three things need to see justice brought to them, and you should not excuse one just because another happened and wasn't dealt with properly.
You get 89 cents in the settlement. Do you prefer to get a direct deposit or a check?
On the one hand, sucks that a leak like this even happens anymore, no one deserves to be doxxed like that. On the other hand, I struggle to feel bad for the users of the doxxing app getting doxxed in return...
This is why age verification is dangerous. If a company can just forget to delete you ID picture, it will happen...
Don't want your information on the internet? don't upload it to anyone on or over the internet, it really is a fucking simple concept.
don't upload it to the internet!
or use a smart phone
or corporate searches that track you
or go to any website with ads - they track you
hell don't even search the internet! your ISP tracks dns requests
or use a modern tv that tracks what is on your screen
or you can do custom phone from - just unlock the bootloader, root it, and install! then just setup pihole/adguard/self-host everything
it's simple, for privacy just go live in a yurt in the woods to not be tracked 24/7
And live in a cave! 😬
It would be nice if also they secured data too.
Posted on an article about an app encouraging different users to upload info about you without your consent. Yes, really simple.
They hired an investigator? Any investigator worth a shit is gonna say that they're liable for failing to secure private data they collected, ~~as well as for retaining data they were apparently legally obligated to delete~~
Edit: Misread that segment, they actually presented it as if they were deleted to users, but apparently retained them to comply with vague "law enforcement requirements."
The Tea app is a women-only dating safety platform where members can share reviews about men, with access to the platform only granted after providing a selfie and government ID verification.
This sounds irresistible for angry misogynists. The only thing that surprises me about this is that it didn’t happen earlier.
The only thing that surprises me about this is that it didn’t happen earlier.
I'm way out of the dating game at this point, and also a man, so it's very likely that I'm just out of the loop
But I hadn't heard anything about this app until a couple weeks ago when I saw an article or two about it
Then about a week later this happened
So I kind of feel like maybe most of the assholes who did this were similarly unaware of it until it got some exposure and then it was on their radar.
I would certainly imagine that most women using this app probably weren't telling the angry misogynists in their lives about this app.
Warning I'm going off memory and I'm too lazy to check this.
One of the articles on the first data leek mentioned it became big on the google play store shortly before the leek. It probably just wasn't around long enough for you to notice it.
"Stop attacking us guys we just want to do a little misandry" -Tea app
What do you think is misandrist about this?
It's an app about doxing people without their consent
To be fair, that alone wouldn’t be misandrist, if it weren’t exclusively for woman perpetrators targeting exclusively men as their victims.
"Sir, we've already been breached once!"
"But what about second breach?"
Now there are two of them. A second breach has hit the app.
its like the ashley madison drama, which exposed cheating.
Sir, a second plane.meme
At least they’re honest, they did spill tea.
A whole lot of tea.
If you're out of the loop, I found this article fairly helpful for a primer on the issues. It's CNN, but I can't be arsed to find a more kosher source.
https://www.cnn.com/2025/07/25/us/tea-app-dating-privacy-cec
404media did a great piece about what happened. available as podcast too. https://www.404media.co/a-second-tea-breach-reveals-users-dms-about-abortions-and-cheating/
I never thought there would be a dating intel war going on and this the second time too.
This is a most excellent place for technology news and articles.
