Tea Dating App Suffers Data Breach: Sensitive User Data Leaked Online

A recent data breach involving the Tea dating app has exposed sensitive user information, including driver’s licenses and private messages, raising serious concerns about user safety and digital privacy.

If you received a notice from Tea identifying you as a victim of this breach, contact our experienced data breach team today.

Tea Data Breach

Tea, a dating app marketed as a safer space for women and nonbinary individuals, was recently the target of a significant data breach. According to initial reports from 404 Media, and subsequently covered by NPR and the Associated Press, personal data from Tea users—including verified ID images, selfies, and private messages—was leaked and posted on 4chan, an anonymous online message board known for hosting controversial content.

The first breach occurred on July 23, 2025, when users’ verification data, including driver’s license photos and selfies, were leaked online.

A second breach followed on July 27, 2025, exposing additional information such as private messages, internal Tea app communications, and app source code. These back-to-back breaches mark a serious breakdown in data protection and user privacy.

Sensitive Personal Data Exposed

In total, the two data dumps may include:

• Full names
• Birthdates
• Contact information
• Driver’s license images and verification selfies
• Private chat logs
• Location data
• Internal Tea app communications
• Source code and back-end materials

While the full extent of the breach is still under investigation, early indicators suggest that a large number of users were affected—many of whom joined the platform expecting a safer alternative to mainstream dating apps.

Tea was positioned as a safer, community-focused platform for women and nonbinary users. The breach not only exposes deeply personal data—it undermines the app’s core mission of trust, privacy, and safety. Victims now face increased risks, including stalking, identity theft, and reputational harm, particularly given the exposure on a high-traffic anonymous forum.

If Tea failed to implement reasonable cybersecurity safeguards, it may be liable for damages caused by this breach.