Tea App Second Breach Exposed Over Million Private Messages
Dating safety app Tea suffered a second major breach, leaking 72,000 verification images and over 1.1 million private messages from early 2023 to mid-2025. Exposed content ranged from selfies and photo IDs to discussions about phone numbers, abortion, and infidelity. Security researcher Kasra Rahjerdi flagged the issue, underscoring persistent gaps in data protection for user-driven platforms.
Dating safety app Tea confirmed a second data breach that exposed over 1.1 million private messages, weeks after revealing 72,000 verification images and selfies. The fallout highlights persistent gaps in data protection for user-focused platforms.
Breach Details
Security researcher Kasra Rahjerdi discovered logs of messages exchanged from early 2023 through July 2025. Exposed content included phone numbers, discussions about abortions, and conversations about infidelity. The initial breach affected users who signed up before February 2024, but this new finding spans a broader timeframe.
Impact on User Privacy
The leak on 4chan allowed malicious actors to access intimate details shared in confidence. For a platform built on community trust and transparency, the reputational damage could be immense. Users may rethink sharing sensitive information unless robust safeguards are in place.
Key Takeaways for Developers
- Conduct continuous penetration tests to spot vulnerabilities before attackers do.
- Implement end-to-end encryption for messages and user-uploaded assets.
- Set up real-time monitoring and anomaly detection across systems.
- Enforce strict data retention policies, purging old records regularly.
QuarkyByte's Approach
At QuarkyByte, we blend deep security analytics with custom threat modeling to help platforms like Tea plug gaps and fortify defenses. By simulating real-world attack scenarios and tailoring rapid response plans, we transform precarious vulnerabilities into resilient security postures.
Keep Reading
View AllLovense Security Flaws Expose User Emails and Enable Takeovers
Two critical vulnerabilities in Lovense’s connected sex toys leak user emails and let attackers hijack accounts, raising serious privacy and safety risks.
Immigration Scams Exploit Fear to Steal Money
Scammers prey on immigrants’ fears with fake officials, bogus attorneys and urgent payment demands. Learn red flags and how to stay safe.
AI-Driven Crypto Scams Surge 456%
AI deepfakes drive a 456% surge in crypto scams, costing victims billions. Discover why fraud is spiking and how to strengthen defenses.
AI Tools Built for Agencies That Move Fast.
Tea’s breach underscores the urgent need for proactive security. QuarkyByte partners with consumer apps to embed continuous vulnerability scans, real-time threat alerts, and robust encryption, preventing exposure of private messages and IDs. Explore how our tailored security frameworks turn risk into resilience.