A dating app designed to help women warn each other about dangerous or deceptive men has been hacked, leaking tens of thousands of private images online and raising questions about digital privacy, online accountability, and the risks of crowdsourced justice.
Tea, a women-only dating app that surged to the top of Apple’s U.S. App Store this week, confirmed Friday that hackers had breached its systems. According to the company, around 72,000 images were accessed, including 13,000 selfies or photo IDs submitted during account verification, and another 59,000 images from user posts, comments, and direct messages.
The breach appears to have been discovered by users on 4Chan, who located an exposed database and began circulating images. While Tea says it has since secured the platform and engaged third-party cybersecurity experts, the damage is already reverberating.
The app — launched in 2022 by San Francisco-based software engineer Sean Cook — was created as a tool for women to vet potential matches on dating platforms like Tinder or Bumble. Users could anonymously post photos of men they were dating to solicit feedback from other women. In theory, this could help identify men with histories of dishonesty, abuse, or manipulation. “It’s like people have their own little Yelp pages,” said attorney Aaron Minc, who specializes in online defamation.
But that model — one built on anonymous user submissions and sensitive content — is also inherently vulnerable. Critics have called Tea a “man-shaming site” and questioned the ethics of a platform that allows unverified allegations to spread with little oversight. Now, with the platform breached and its image database leaked, the legal and social risks are becoming clearer.
“This is uncharted territory,” said Michigan-based attorney William Barnwell. While platforms like Tea are generally shielded from liability for user-generated content under Section 230 of the Communications Decency Act, users can still be held accountable for anything that they post that’s deemed to be defamatory or harassing. There are also privacy laws in place in some states that allow for reccourse for victims who have had their images shared without consent.
Still, for many women, the app’s appeal lies in what traditional institutions have failed to offer: a sense of safety and community in an increasingly hostile dating world. One user wrote in an App Store review that Tea helped her discover over 20 red flags about a man she’d just begun talking to, including serious allegations of abuse. “I can’t imagine how things could’ve gone had I not known,” she wrote.
As of July 24, Tea reached the No. 1 spot on Apple’s App Store, with a 525% spike in downloads over the previous week and a reported 4 million users. But the hack may mark a turning point.
“This breach doesn’t just threaten privacy,” said Minc. “It threatens the trust that made the app successful in the first place.”
Tea emphasized that no phone numbers or email addresses were exposed and that only users who joined before February 2024 were affected. “Protecting Tea users’ privacy and data is our highest priority,” the company said.
