The women’s safety app Tea, which gained viral popularity for allowing users to share dating red flags and verify men, was removed from the Apple App Store due to multiple data breaches exposing highly sensitive user data. The breaches included: - An exposed database containing users’ driver’s licenses and selfies (targeted by 4chan trolls). - A second breach leaking direct messages, including discussions about abortions and infidelity. - A third breach exposing personal data of affiliate influencers paid to promote the app. The app also faced a class-action lawsuit and accusations of unethical competition (e.g., hijacking the *Are We Dating the Same Guy* community). Despite disabling messaging post-breach, Tea continued growing its userbase. Apple cited violations of privacy policies (sharing minors’ data without consent) and lack of content moderation as reasons for removal. The app remains available on Google Play, alongside copycats.
Source: https://www.404media.co/women-dating-safety-app-tea-delisted-from-apple-app-store/
TPRM report: https://www.rankiteo.com/company/tea-dating-safety-for-women
"id": "tea5493154102225",
"linkid": "tea-dating-safety-for-women",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Thousands (Exact Number '
'Undisclosed)',
'industry': 'Social Networking/Dating Safety',
'location': 'Global (Primarily U.S.)',
'name': 'Tea (Women’s Safety App)',
'type': 'Mobile Application'},
{'industry': 'Social Networking/Dating Safety',
'location': 'Global',
'name': 'TeaOnHer (Copycat App)',
'type': 'Mobile Application'},
{'customers_affected': 'Indirect Impact (Community '
'Hijacking Attempts)',
'industry': 'Social Networking/Dating Safety',
'location': 'Global',
'name': 'Are We Dating the Same Guy Community',
'type': 'Online Community'}],
'attack_vector': ['Exposed Database',
'Targeted Harassment by 4chan',
'Lack of Content Moderation'],
'customer_advisories': ['Social Media Posts (No Formal Advisory)'],
'data_breach': {'data_encryption': 'No (Database Was Exposed)',
'data_exfiltration': 'Yes (By 4chan and Unauthorized Parties)',
'file_types_exposed': ['Images (Selfies, Driver Licenses)',
'Text Messages'],
'personally_identifiable_information': ['Names',
'Driver License '
'Numbers',
'Photos',
'Messaging Content'],
'sensitivity_of_data': "High (Includes Minors' Data, Abortion "
'Discussions, Cheating Allegations)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Sensitive Conversations',
'Biometric Data (Selfies)',
'Government-Issued IDs (Driver '
'Licenses)']},
'date_publicly_disclosed': '2023-11-15T00:00:00Z',
'description': 'Apple removed the women’s safety app Tea (and its copycat '
'TeaOnHer) from the App Store for failing to comply with '
'content moderation and user privacy guidelines. The app faced '
"multiple data breaches exposing users' personal data, "
'including driver licenses, selfies, direct messages (some '
'discussing sensitive topics like abortions and cheating), and '
"affiliate program participants' data. The breaches were "
'exploited by 4chan trolls, leading to a class-action lawsuit. '
'Apple cited excessive complaints, including unauthorized '
"sharing of minors' personal data, as key reasons for removal. "
"Tea had previously grown rapidly by targeting the 'Are We "
"Dating the Same Guy' community and paying influencers to "
'undermine it.',
'impact': {'brand_reputation_impact': ['Severe Damage Due to Breaches and '
'Deceptive Practices',
'Loss of Trust in Women’s Safety '
'Community'],
'customer_complaints': ['Excessive Complaints to Apple',
"Unauthorized Sharing of Minors' Data"],
'data_compromised': ['Driver Licenses',
'Selfies',
'Direct Messages (including discussions on '
'abortions, cheating)',
"Affiliate Program Participants' Personal "
'Data'],
'downtime': ['Direct Messaging Functionality Disabled'],
'identity_theft_risk': ['High (Exposed Driver Licenses and '
'Selfies)'],
'legal_liabilities': ['Class-Action Lawsuit',
'Potential Regulatory Violations for Privacy '
'Failures'],
'operational_impact': ['App Removed from Apple App Store',
'Class-Action Lawsuit Filed',
'Reputation Damage'],
'systems_affected': ['Tea App Database',
'Direct Messaging System']},
'initial_access_broker': {'entry_point': 'Exposed Database',
'high_value_targets': ['User PII',
'Sensitive Direct Messages']},
'investigation_status': 'Ongoing (Class-Action Lawsuit, Potential Regulatory '
'Scrutiny)',
'motivation': ['Harassment',
'Exploitation of Sensitive Data',
'Disruption of Service'],
'post_incident_analysis': {'root_causes': ['Poor Database Security',
'Lack of Privacy Safeguards',
'Inadequate Content Moderation',
'Deceptive Growth Tactics '
'(Hijacking Competitor '
'Communities)']},
'references': [{'date_accessed': '2023-11-15',
'source': '404 Media',
'url': 'https://www.404media.co/apple-removes-tea-womens-safety-app-after-data-breaches/'},
{'date_accessed': '2023-11-15',
'source': 'Tea App Website',
'url': 'https://www.teaapp.co/'},
{'date_accessed': '2023-11-15',
'source': 'Apple App Store Guidelines',
'url': 'https://developer.apple.com/app-store/review/guidelines/'}],
'regulatory_compliance': {'legal_actions': ['Class-Action Lawsuit Filed by '
'Tea User'],
'regulations_violated': ['Apple App Store '
'Guidelines (Privacy, '
'Content Moderation)',
'Potential GDPR/CCPA '
'Violations (Unclear)']},
'response': {'communication_strategy': ['Social Media Updates (e.g., '
'Instagram Posts)',
'No Public Apology or Detailed '
'Explanation'],
'containment_measures': ['Disabled Direct Messaging '
'Functionality']},
'threat_actor': ['4chan Trolls/Harassment Forum',
'Unauthorized Third Parties'],
'title': 'Removal of Tea Women’s Safety App from Apple App Store Due to Data '
'Breaches and Privacy Violations',
'type': ['Data Breach', 'Privacy Violation', 'App Removal'],
'vulnerability_exploited': ['Unsecured Database',
'Inadequate User Data Protection',
'Missing Reporting Mechanisms for Objectionable '
'Content']}