4chan users have exposed a devastating security breach at the Tea app, revealing that 13,000 verification photos and government IDs from women users were left completely unprotected in an unsecured database. The breach, confirmed by Tea on July 25, 2025, has exposed 72,000 total images from the women-only dating safety platform.
The security catastrophe unfolded when users on the anonymous imageboard discovered that Tea’s backend database lacked basic security measures including passwords, encryption, or authentication protocols. The leaked data—spanning 59.3 GB—includes 13,000 verification selfies and IDs, tens of thousands of user-generated images, and messages from as recently as 2024 and 2025.
Table of Contents
How the 4chan Discovery Sparked Mass Data Exposure
On Friday morning a 4Chan user allegedly posted a link that allowed others to download the database of stolen images and other identifying information about Tea users. The anonymous forum users launched what reports describe as a coordinated “call to action” that led to widespread sharing of the compromised data.
“DRIVERS LICENSES AND FACE PICS! GET THE FUCK IN HERE BEFORE THEY SHUT IT DOWN!” the thread read before being deleted. This inflammatory post demonstrates how quickly sensitive personal information spread across the platform before moderators intervened.
The timing couldn’t be worse for Tea, which recently shot to number one on the App Store. Tea, an app that lets women “rate” and “review” the men in their lives, has been on a hot streak lately, having shot to the top of the App Store and enjoyed several recent write-ups in major media outlets.
What Data Was Compromised in the Breach
The exposed information represents a privacy nightmare for Tea’s female user base. The company estimates that 72,000 images, including 13,000 verification photos and images of government IDs, were accessed. This includes:
- Government-issued identification documents
- Verification selfies required for account approval
- User-generated photos shared within the app
- Private messages between users
- Personal information tied to identity verification
Some direct messages have also been breached, Tea confirmed in a statement to 404Media. The breach affects users who trusted the platform with highly sensitive personal documents as part of Tea’s identity verification process.
Tea App’s Mission and User Vulnerability
Tea is designed to function as a virtual whisper network for women, allowing them to upload photos of men and search for them by name. Users can leave comments describing their experiences with specific individuals. The app positions itself as a safety tool for women navigating dating scenarios.
The irony is devastating – an app designed to protect women’s safety has become a source of massive privacy violation. Tea dating app, designed to protect women, suffers major security breach exposing 13,000 verification photos and government IDs of female users.
Women using Tea must verify their identity by submitting government IDs and selfies, making this breach particularly damaging. The compromised data could enable doxxing, harassment, and identity theft targeting the platform’s vulnerable user base.
Security Failures and Technical Details
Tea, an app that was made exclusively for women, requires the user to prove their identity as a woman by presenting ID. However, it’s been discovered by a group of 4chan users that every woman’s personal data who registered was stored without proper security measures.
The breach reveals fundamental failures in Tea’s data protection infrastructure. Reports indicate the database was accessible without authentication, representing a catastrophic security oversight for an app handling sensitive personal information.
Impact on Women’s Digital Safety
This breach has broader implications for women’s digital safety and trust in dating platforms. The Tea app, a women-only platform for anonymous dating discussions, suffered a breach where hackers leaked 13,000 user photos and IDs from a legacy database, sparked by a 4chan call-to-action. This exposed vulnerabilities, risking doxxing and harassment.
The 4chan community’s role in amplifying this breach highlights how anonymous forums can weaponize data breaches against vulnerable populations. Women who used Tea seeking safety and community support now face potential harassment and privacy violations.
The incident raises serious questions about how dating apps protect user data, particularly platforms targeting women’s safety. As digital platforms collect increasingly sensitive personal information, this breach serves as a stark reminder of the consequences when security measures fail.
Company Response and User Concerns
Tea has confirmed the breach but users remain concerned about ongoing privacy risks. Tea, an app that claims to help women “make sure your date is safe, not a catfish and not in a relationship,” is experiencing a security breach that directly contradicts its safety-focused mission.
The breach occurred during Tea’s viral moment, when the app was gaining significant media attention and user growth. This timing has amplified the impact and public scrutiny of Tea’s security failures.
Users who trusted Tea with government IDs and personal photos now face an uncertain future regarding their data security. The involvement of 4chan users in discovering and sharing this information adds another layer of concern about how the compromised data might be misused.
What are your thoughts on this massive privacy breach? Share your concerns about dating app security and how platforms should better protect sensitive user data.