• Tea app suspended messaging after a significant data breach exposed user images and messages.
• Approximately 72,000 images, including selfies and IDs, were leaked, prompting security concerns.
• The FBI is investigating the breach, while experts express concerns over the app's security protocols.

The women-only dating safety app Tea has suspended direct messaging following a significant security breach that exposed thousands of users' personal information, including images and sensitive communications. The company stated that it made this decision "out of an abundance of caution" after discovering the breach, which exposed identity documents and direct messages, raising substantial privacy concerns. Tea, which accumulates over 4.6 million users, positions itself as a platform that allows women to anonymously check potential partners for red flags, enhancing dating safety according to latimes, reuters, and bbc.

The data breach, discovered over the weekend, revealed that hackers accessed around 72,000 images submitted by users, some of which contained sensitive information such as photo identification needed for account verification. The app had previously assured users that such data would be deleted immediately after authentication, according to latimes and reuters. Users who registered before February 2024 are particularly affected, as the app’s management works on strengthening security measures.

The FBI has been brought into the investigation, but the precise circumstances surrounding the breach remain unclear. Experts have criticized the app's security protocols, suggesting they were "honestly negligent" regarding user data protection, especially given the sensitive nature of the communications that women were encouraged to share on the platform. Eva Galperin from the Electronic Frontier Foundation noted that the app created a "massive whisper network" that could endanger the very users it aims to protect, according to reuters and bbc.

The suspension of messaging is merely one step in the app's broader effort to address the current crisis. Tea has indicated it will provide free identity protection services to affected users and will keep them updated as more information emerges about the situation, reinforcing their commitment to user privacy, according to reuters and bbc.