Key Takeaways
- The dating safety app Tea, which experienced two massive data breaches recently, now faces 10 class action lawsuits from users affected by the breaches.
- The plaintiffs claim the data breaches not only put their personal safety at risk, but cost time and energy that they’ll never get back.
- As Tea grapples with the fallout, it is also facing a competitor in the form of TeaOnHer, a rival app that suffered a data breach soon after its launch.
Tea, the dating safety app that allows women to anonymously post information about the men they’ve dated, is facing 10 class action lawsuits after two July data breaches left thousands of users vulnerable to fraud.
At the heart of the lawsuits are claims that Tea was negligent in handling sensitive user information. One of the plaintiffs claims she suffers from “imminent and impending injury arising from the substantially increased risk of fraud” as a result of the security breaches.
Tea reported a massive security breach on July 25 that left 72,000 user images compromised, including selfies and photo IDs used for verification purposes. A few days later, the company shut down its messaging system after hackers accessed private DMs containing sensitive user data.
Among the leaked data were ID verification selfies that the company previously assured users were deleted promptly after being used.
The data breaches not only compromised user data, but user trust, putting Tea’s supposed dedication to user safety into question — and putting the spotlight on a rival app, TeaOnHer, that has emerged in the wake of Tea’s legal troubles.
“Tea has [put women] at risk of serious harm”
“Shortly after the Data Breach was announced, Internet users claimed to have mapped the locations of Tea’s users based on metadata contained from the leaked images,” according to one woman’s official legal complaint against Tea. “Thus, instead of empowering women, Tea has actually put them at risk of serious harm.”
The woman, who has gone on record as Griselda Reyes of California, is not only suing Tea for the data breach itself, but for its affects on her quality of life.
She allegedly “spent time dealing with the consequences of the Data Breach, which included and continues to include, time spent verifying the legitimacy and impact of the Data Breach, [and] exploring credit monitoring and identity theft insurance options.”
Also part of the lawsuit is the time and money Reyes said she has spent seeking legal counsel:
“Representative Plaintiff suffered lost time, annoyance, interference and inconvenience as a result of the Data Breach and has anxiety and increased concerns for the loss of privacy, as well as anxiety over the impact of cybercriminals accessing, using and selling Representative Plaintiff’s Private Information.”
4chan and X have been listed as defendants in one of the lawsuits, as the two social networks allegedly played a role in spreading the private information and encouraging hackers to access the vulnerable data system.
NBC News reported that at least four of the plaintiffs are seeking damages of as much as $5 million and more.
Data breaches are inconvenient at best and destructive at worst, especially for the victims. But the breaches at Tea couldn’t have come at a worse time for the company.
Tea was fielding millions of registration requests at the time of the initial data breach. At this point, any app start-up would want to focus on internal growth and on generating positive press, not damaging data breaches, lawsuits, and millions in potential legal costs — or a rival app for men quickly overtaking its #2 ranking in The App Store.
TeaOnHer May Not Be A “Safer” Version of Tea
But much like Tea, the rival app, TeaOnHer, is already facing a crisis of user trust.
TeaOnHer — which has the same premise as Tea, only seemingly for men instead of women — was hacked the same week it launched, exposing government IDs and selfies of some of the app’s users, among other data.
There are reportedly numerous security flaws in TeaOnHer’s systems that makes users’ personal data, including email addresses, drivers licenses, and users’ self-reported locations, easily accessible to people who know where to look.
During its investigation into the app, TechCrunch uncovered the email address and password of TeaOnHer’s alleged creator, Xavier Lampkin, which could theoretically lead someone to the app’s administrative page. If this info were to end up in the wrong hands, it could have serious consequences for TeaOnHer.
“The security lapse will likely affect any user who signed up or shared identity documents with the app,” the news outlet reported.
Security breach aside, TeaOnHer is now facing backlash on another front. While Tea’s mission — to form a supportive and safe community of women by providing background checks and reverse image searches — is clear, TeaOnHer’s motivations are murkier.
It claims it wants to provide “verified community protection and safety insights”, but does not provide the same safety resources as Tea. Instead, it operates solely as a “he said/he said” platform, with no documented proof (via a background check, for example) of a woman’s bad behavior — only the man’s word.
Tea’s, and now TeaOnHer’s, experiences are cautionary tales for app startups: If you base your app’s mission around trust and safety, it’s in your best interest, legally and ethically, to deliver.
Not that either app has suffered much in terms of user engagement; TeaOnHer and Tea are currently #3 and #2, respectively, in The App Store’s Lifestyle category, highlighting just how badly today’s daters want to feel safe while dating.