- Tea is a popular ‘dating security tool’ that has just suffered a data overgrowth
- 72,000 images relating to the app were involved, some of which were user photo -ids
- There is a continuous study but the obvious concern here is potential identity theft for those whose images were postponed
Tea is a popular mobile app designed as a ‘dating security tool’ to protect women and has been around since 2023.
Its full name is tea-dating advice, and the central idea is a only woman app that gives those who are dating with the opportunity to access background control of men. This includes whether they have a criminal listing (or whether they are sex offenders), as well as reverse image search to identify sea fisherman (provided a false identity online).
At the end of last week, as NBC News reported, TEA admitted that it had suffered a data violation in which 72,000 images gained access to the penetrating.
It included 13,000 images (selfies and photoid) submitted by users under account language. The other 59,000 images were also provided by users and “publicly visible” in posts (and direct messages) on the app.
As Tea recognized on its Instagram account, these images were stored on a ‘filed data system’ and the company said that all users who signed up for tea in or after February 2024 will not be affected. In other words, this old data is filed on a server that relates only to older posts and accounts before this date.
The company made it clear that photos “in no way can be linked to posts in tea”.
A TEA spokesman said to NBC: “This data was originally stored in accordance with the requirements for law enforcement related to the prevention of cyber bullying.”
NBC reported that the hack may be connected to 4chan, with a 4chan poster that allegedly allows the database of stolen images to be downloaded on this platform. Assuming ID photos from TE users are also said to have been sent on some social media, but of course the exercise of caution around such reports.
Tea said it has more than four million users in total and it became the top free app in the Apple App Store in the US this past week (after recently gaining a million new members).
Tea said it is conducting an ongoing investigation into the security incident, which includes external cybersecurity experts and that it has notified law enforcement in the United States.
Do you think you have been affected by this violation – if so, what are you going to do?
The key point to remember here is that if you signed up recently for tea, you should not be affected by this violation. As noted, the effect extends only an archive server and members who ended before February 2024.
At least it is according to what we know from the investigation so far, and the apparent extent of the violation – so warning is that we assume that the ongoing study does not reveal that there is nothing else.
The other important point to remember here is that only the images were accessed, according to TEA and no personal data relating to members, such as E email addresses or phone numbers.
However, the worrying part of the data that was accessed is that some of them contain official IDs (and selfies) that could potentially be used for identity theft. It is worth noting here that tea also clarifies (in an official statement marked by the US Today) that it no longer requires an official ID for registration and disposed of with this requirement in 2023.
If you joined tea before February 2024 and delivered a government ID to the enrollment process, the latter could have been postponed. There is no clear way of knowing it at this time, but it is safest to assume that your ID (or other pictures) may have been leaked online.
This means that this information may end up in the hands of a bad actor, unfortunately, but it is difficult to say whether it will happen with certainty, or actually know if it Do happen.
What you can do for now as an obvious first line of defense is to keep an eye on your finances (bank accounts and credit card statements), look for irregularities. In all honesty, this is something you have to do anyway, as fraud is an always -present danger these days with a growing number of scams (along with data violations like this).
A further proactive move is to sign up for one of the best credit monitoring services and the good news is that you can get this for free (from Experian).
What these services do is keep an eye on your personal details (from eg a stolen ID) used online under suspicious circumstances, bringing these events to your attention so you can be aware of something that is potentially under -handed before it comes out. There is also full identity theft -protection suites out there for a more comprehensive level of protection.
