A major privacy scandal has hit the dating safety app for women Tea. Following two separate data breaches, the latest has raised serious concerns about user security and trust on sensitive commercial apps. The platform was compromised by hackers who accessed a legacy Firebase storage system containing some 72,000 images, including roughly 13,000 user selfies and government IDs submitted to verify accounts.

Built as safe space for women to report “red flags” and negative interactions with men, Tea quickly shot to the top of iOS App Store, with user reviews claiming the app is a “life saver” and “a gamechanger for women’s protection”. However, the app has also faced a litany of controversy ranging from its exclusive gender policy, invasive identity verification policies, and potential to violate men’s privacy.

Tea has begun working with cybersecurity firms and law enforcement, including the FBI. Affected users are being directly notified, and the company is providing free identity protection services to those impacted.

One Google Maps user created a map claiming to show the location of users whose information was leaked. Additionally, images of women using the app have been added to the “Spilled Tea” website for the purpose of ranking their attractiveness.

Presently, there are two class-action lawsuits filed in the Northern District of California accusing Tea of negligence. Experts anticipate that more claims may soon follow.

Impacted users have been urged to freeze their credit reports, monitor for phishing attempts, and reach out to Tea support for any further guidance. While the company is taking steps to rebuild trust, the full scope of the breach remains under active investigation.