Tea, a courting dialogue app that lately suffered a high-profile cybersecurity breach, introduced late Monday that some direct messages had been additionally accessed within the incident.
The app — designed to let girls safely talk about males they date — rocketed to the highest of the U.S. Apple App Retailer final week however then confirmed on Friday that 1000’s of selfies and picture IDs of registered customers had been uncovered in a digital safety breach.
404 Media was the primary to report on this second safety difficulty, citing an impartial safety researcher who discovered it was attainable for hackers to entry messages between customers discussing abortions, dishonest companions, and cellphone numbers.
In an announcement posted on its social media accounts, Tea mentioned it “recently learned that some direct messages (DMs) were accessed as part of the initial incident.”
“Out of an abundance of caution, we have taken the affected system offline,” the app mentioned. “At this time, we have found no evidence of access to other parts of our environment.”
It’s at present unknown what number of messages had been left uncovered by the vulnerability.
Tea has mentioned about 72,000 pictures had been leaked on-line within the preliminary incident, together with 13,000 pictures of selfies or selfies that includes a photograph identification that customers submitted throughout account verification. One other 59,000 pictures publicly viewable within the app from posts, feedback and direct messages had been additionally accessed with out authorization, a spokesperson mentioned final week.
No e mail addresses or cellphone numbers had been accessed, the corporate mentioned, and the breach solely impacts customers who signed up earlier than February 2024.
