Key Takeaways
- The Tea app was targeted in a malicious hack after going viral. But weak security safeguards put users directly at risk.
- The stakes are higher when an app specifically targets a marginalized or otherwise vulnerable group.
- Safety cannot be a marketing hook or a tool to drive investor interest. It has to be built into the core product from the very beginning.
Picture this: You’re a woman looking to date safely and help other women do the same. So, naturally, you download the Tea App — coined as the dating safety app made just for women — to get your fix. The only catch? Well, no one expected that the very app that was meant to protect women would actually put them in jeopardy when it recently got hacked.
Well, that didn’t go so well. So if I were you, dating industry experts, I’d pay attention.
“This is why we can’t outsource safety to technology. Tea positioned itself as a “safe” space for women, but no app can guarantee that. Emotional safety comes from how we move in dating, not just the platform we use,” Jillian Romero Chaves, the founder and CEO of Clara For Daters told Dating News, “A breach like this is devastating, but it’s also a wake-up call: dating apps aren’t shields. They’re just lead tools.”
Tea, which allowed women worried about their safety to share information about men they might date, seemed like a great idea. After all, a lot of women downloaded and used it. But now, after two separate data breaches — the first leaking approximately 76,000 images and the second exposing 1.1 million private messages — it has me thinking.
This is more than just a cautionary tech story. This is about apps that claim to serve women (or other marginalized groups) but don’t actually protect them.
So, can the rest of the dating industry learn from this mess? Absolutely.
What Went Wrong
What exactly happened? Well, aside from just being hacked, the leak also put a lot of important information from Tea’s app users online. The data from the hack, which included photos of women and their driver’s licenses, is now circulating online for anyone to see.
But, in my opinion (and perhaps many others) the problem isn’t just about what broke to expose Tea’s users, but how the app was built. Given how the platform was built, it was almost inevitable because it only launched in 2024 and had some seriously rushed engineering.
But Chaves has a hot take, too: The deeper issue isn’t just the rushed engineering.
“It’s that many users believe safety is something an app should deliver to them,” Chaves explains, “We need a shift in mindset: emotional safety starts with how we show up, what we share, and how we pace connection.If you’re relying on an app to protect your heart, your data, and your judgment, it’s already too much power in the wrong place.”
Still, I think that’s putting more accountability for this breach on users than the app itself. When it comes down to it, Tea should have had higher security in place and been prepared to protect their users’ data at all costs. That’s the least an app can do, in my opinion.
Why It Hits Women-Centered and Queer Apps Harder
Arguably, women and queer folks are already experiencing greater vulnerability in the world. But on women or queer-centered platforms, they have to deal with even more gendered harassment, stalking risks and more.
“Data security matters especially for women, queer folks, and anyone sharing sensitive information,” Chaves says.
According to a Pew Research Center survey from 2020, LGBTQ+ online daters are more likely to experience unsolicited sexually explicit messages, be contacted after expressing disinterest, called offensive names, and even threatened with physical harm. According to another study, two populations are at higher risk for harassment on apps: women and individuals who identify as a sexual minority.
Of course, Tea was a target for a reason. Let’s remember that while the app called itself a “safe space,” it didn’t take the necessary precautions to make that true.
Not only did this breach put these women’s information out for the whole internet to see, but also for the men they may have talked about on the app to see. And that is just plain dangerous. Tea isn’t a traditional dating app, but an app priding itself on dating safety of all things, so the outcome is most definitely ironic (and deeply unfortunate!)
What the Industry Should Be Asking Itself Right Now
What can we, in the industry, do moving forward?
According to Chaves, apps should put the necessary safety measures in place, but also empower our users, too. And I definitely agree with that point of view.
“Apps often fail by overpromising protection and underdelivering empowerment. They give people checkboxes and filters instead of tools for real discernment,” Chaves explains, “Features like background checks may feel reassuring, but they don’t teach users how to trust themselves, ask better questions, or read patterns over time.”
And when it comes to cybersecurity, we all need to be taking it seriously, and not rushing into builds just to meet the launch date. At its core, creating these types of apps should be about safety first — Tea’s motto! — and not just making a quick buck or gathering user after user to prove to investors that your idea is a good one.
This is an opportunity to raise the bar across the board. Protect the communities you claim to serve.
“At the very least: encrypted messaging, clear moderation policies, and identity verification that respects user privacy,” Chaves explains, “But the real safety comes from the educational layer. Teach users how to move slowly. How to observe. How to align actions with values.”
Chaves said building her app Clara has never been about promising users the trope of ‘find your person,’ but to help them become the kind of person who dates with alignment, whatever the outcome.
When I think about safety for Tea’s users, as well as other dating industry apps, I really do wish this approach were more common.
Now, What?
Apps like Tea were built with good intentions, but good vibes aren’t enough.
“You can’t shortcut trust. If you claim to serve vulnerable users, your systems have to be built with care not just branding,” Chaves says.
The hack is a reminder that creating a locked-down cybersecurity system is the most important thing. But, in my opinion, that’s the bare minimum. The bar, in many ways, is on the floor. As a user of dating apps, myself, I’d expect that level of safety no matter what. After that is established, the industry can work on user-first empowerment.
“When it comes down to it, the dating industry as a whole needs to stop glamorizing safety as a feature, and more on how users can feel empowered,” Chaves says, “Apps should provide tools for self-reflection, communication, and decision-making.”
The TL/DR? Don’t follow Tea’s lead — protect your users. Then worry about the rest.
