
Tea App Breach
Aug 14, 2025
21,429 rows
What happened in the Tea App Breach?
DataBreach.com Team · August 27th 2025, 8:00 pm EDT
Tea, a women-focused dating safety app, disclosed a major data breach in July 2025 after attackers accessed and leaked roughly 72,000 images tied to user accounts. According to the company, the exposed data included about 13,000 selfies and photo identification images submitted for verification and another 59,000 images from posts, comments, and direct messages. Tea said the incident affected users who registered before February 2024.
The breach was especially sensitive because Tea marketed itself as a privacy- and safety-oriented platform where women could anonymously discuss dating experiences and flag concerning behavior. In that context, the exposure of verification selfies, government IDs, and user-generated images created risks well beyond ordinary credential theft, including impersonation, harassment, fraud, and the potential misuse of biometric-style identity data. Reuters reported that Tea said email addresses and phone numbers were not exposed in the initial incident.
The fallout widened days later, when Tea said it had suspended direct messaging after additional breaches exposed personal details and sensitive communications. Reuters reported that the later incidents involved users’ private communications, significantly deepening the privacy impact of the compromise.
The Tea incident drew outsized attention because of the gap between the app’s stated purpose and the type of data that was exposed. A platform built around user safety, anonymity, and verification ended up leaking some of its most sensitive trust-and-safety data. That makes the Tea breach notable not only as a consumer app security failure, but also as a reminder that platforms collecting ID documents, selfies, private messages, and high-risk interpersonal reports face an especially high duty to minimize retention and secure stored data.










