Tea App Breach Exposed 72,000 Selfies and ID Photos
TEA, a meeting for the safety of women who has increased at the top of the free IOS App Store lists, suffered a major security violation last week. The company confirmed on Friday that it had “identified authorized access to one of our systems” which exhibited thousands of user images. And now there is the potential that more details on people using the application could be accessible.
According to the preliminary tea results at the end of last week, the violation made it possible to access around 72,000 images, divided into two groups: 13,000 selfie images and a photo identification that people had submitted during account verification and 59,000 images that were publicly visible in the application from messages, comments and direct messages.
These images were in an “inherited data system” which contained information more than two years ago, the company said in a press release. “Currently, there is no evidence suggesting that current or additional user data have been affected.”
Earlier Friday, publications on Reddit and 404 Media reported that faces and identifiers for tea application users had been published on the Babilla of anonymous online 4chan message.
Tea demands that users check their identities with selfies or identifiers, which is why driving licenses and photos of people’s faces are in disclosed data.
TEA said it launched a complete investigation to assess the scope and impact of the violation.
DMS potentially exposed
A security researcher also discovered that it is possible for hackers to access DMS between two users, according to a 404 media report on Monday. This would have affected the messages sent last week by people using the TEA application. Tea did not immediately respond to a request for comments on this last report.
The premise of tea is to provide women with a space to point out the negative interactions they had during the meeting of men in the dating pool, allegedly ensuring the safety of other women. The application struck the first place of the Apple App Store last week, attracting international attention and triggering a debate on the question of whether the application violates men’s privacy. If the reports of a violation prove to be true, it will also play in the broadcast debate on the question of whether online identity and age verification represent a risk of inherent security for Internet users.
In the confidentiality section of his website, tea declares: “Tea dating advice takes reasonable security measures to protect your personal information to avoid losses, abuse, unauthorized access, disclosure, alteration and destruction. Please know, however, that in spite of our efforts, no security measure is impenetrable.”
