New App for Men, "TeaOnHer," Leaks User IDs and Personal Data

The men's "TeaOnHer" app is the latest in a series of data leaks from controversial gossip apps. Discover how this security failure exposed user IDs and personal info, putting thousands at risk.

A newly launched app, TeaOnHer, designed for men to share information about women they've dated, has been found to have critical security vulnerabilities. These flaws are exposing sensitive personal data of its users, including government IDs and selfies. This incident is particularly notable as it follows a similar, massive data breach from the women-only "Tea" app, which TeaOnHer was created to rival.

In a direct response to the viral "Tea" app, which lets women anonymously review men they have dated, TeaOnHer has climbed the iOS App Store charts, quickly becoming one of the most popular lifestyle apps. However, its rapid growth has come with a severe lack of security, mirroring the issues that plagued its predecessor.

Serious Security Flaws and Exposed Information

TechCrunch has confirmed a major security flaw in the TeaOnHer app. This vulnerability allows anyone to access a database containing a trove of personal information uploaded by users. The exposed data includes usernames and email addresses, selfies and other photos submitted for account verification, and images of driver's licenses. This data isn't encrypted or securely stored; it's publicly accessible through simple web links.

Anyone who finds these links can view the private information in a standard web browser, without needing any hacking tools or specialized knowledge. Adding to the security nightmare, TechCrunch also found that the app's creator, Xavier Lampkin, left his own admin login credentials—including an unencrypted password—exposed on the server. This is a critical error that could allow a malicious party to take complete control of the app and its entire user database.

A Pattern of Insecure "Gossip Apps"

The TeaOnHer data leak highlights a troubling pattern among these new "gossip apps." The original Tea app, which became a viral sensation for women, recently had its own data breach. That incident, reported by 404 Media, revealed over 72,000 images (including IDs and selfies) and 1.1 million private messages to the public. Both apps, despite their different user bases, have failed to implement even basic cybersecurity measures. While TeaOnHer promises to be a platform for men to share their experiences, its content has also been criticized.

Reports indicate the presence of spam posts with non-consensual images and posts that make unverified, defamatory accusations. The back-to-back data leaks serve as a stark warning about the dangers of sharing sensitive personal information on unverified digital platforms. The incidents have put thousands of users at risk of identity theft, harassment, and privacy violations.