A massive data breach has rocked the Tea app — a fast-growing platform marketed as a safe, anonymous space for women to share experiences about men — after tens of thousands of private images, including selfies and government IDs, were leaked online in a targeted cyberattack. The incident has sparked widespread outrage and renewed scrutiny over how digital platforms protect sensitive user data.
72,000 Images Accessed in Major Cyberattack
The Tea app, which recently surged to the top of the Apple App Store as a safe digital space for women to discuss men, has been hacked — exposing tens of thousands of private photos including government-issued IDs and selfies.
A spokesperson for Tea confirmed the cyberattack on Friday afternoon, stating that approximately 72,000 images were accessed in the breach. Among these, 13,000 were verification selfies and official ID photos submitted by users to gain access to the platform.
Tea App Meant to Empower Women Now at Centre of Privacy Scandal
Tea bills itself as a “virtual whisper network” for women. The app allows users to search men by name, share photos, and label individuals as a “red flag” or “green flag” based on past experiences. It also includes the option to run background checks and reverse-search images to help identify catfishing.
Users are required to upload a selfie during sign-up to verify they are women — a process Tea claims is followed by immediate deletion of the image after review. Anonymity is guaranteed, and the app even blocks screenshots to protect privacy.
But now, that very promise is under fire after sensitive user data appears to have been leaked and circulated online.
Photos Posted on 4Chan, Download Link Shared
According to the company, the hacker accessed a database dating back over two years, which was originally retained for compliance with law enforcement in connection with cyberbullying prevention.
The breach was first reported by 404 Media on Friday. A post on 4Chan, a notorious online message board, included a download link allegedly containing the stolen data. Many of the leaked images — including verification selfies and ID documents — have now surfaced across 4Chan and X (formerly Twitter).
Adding to the alarm, an anonymous user has created a Google Map claiming to display the coordinates of affected users. While no names or addresses are included, the map has amplified concerns around personal safety.
Tea Responds: “Protecting Our Users Is Our Highest Priority”
In response, Tea stated that it had hired third-party cybersecurity experts and was “working around the clock to secure our systems.”
“Protecting our users’ privacy and data is our highest priority. Tea is taking every necessary step to ensure the security of our platform and prevent further exposure,”
App’s Creator Inspired by Mother’s Online Dating Trauma
Tea’s creator, Sean Cook, has said the app was born out of his own mother’s harrowing online dating experience — involving catfishing and unknowingly dating men with criminal histories.
The app aims to offer women tools to protect themselves in an era of digital dating risks. Tea also claims to donate 10% of its profits to the National Domestic Violence Hotline, a claim confirmed by the organisation to NBC News.
Backlash from Men, Threats of Retaliatory Apps
As Tea’s popularity exploded — reportedly gaining nearly 2 million new signups in recent days — it also sparked backlash online. Some men, particularly on forums like 4Chan, have criticised the app and even called for coordinated hacking efforts.
In a Thursday night thread, users on 4Chan discussed plans to “hack and leak” the app, shortly before the breach occurred.
Other groups have floated the idea of a male-only version of Tea. One such attempt, an app called Teaborn, was pulled from the App Store after its creator was accused of facilitating the sharing of revenge porn.
Users Express Concern Over Privacy as Waitlists Grow
Interest in the app remains high. Tea said in an Instagram story that new signups have surpassed 2 million, though many users continue to report being stuck on waitlists.
In the wake of the breach, concerned users flooded the app’s Instagram page, questioning whether their data is truly safe.