Customers from 4chan declare to have found an uncovered database hosted on Google’s cellular app growth platform, Firebase, belonging to the newly widespread ladies’s courting security app Tea. Customers say they’re rifling by way of peoples’ private information and selfies uploaded to the app, after which posting that information on-line, in response to screenshots, 4chan posts, and code reviewed by 404 Media. In a press release to 404 Media, Tea confirmed the breach additionally impacted some direct messages however mentioned that the info is from two years in the past.
Tea, which claims to have greater than 1.6 million customers, reached the highest of the App Retailer charts this week and has tens of 1000’s of evaluations there. The app goals to supply an area for girls to alternate details about males in an effort to keep secure, and verifies that new customers are ladies by asking them to add a selfie.
“Sure, for those who despatched Tea App your face and drivers license, they doxxed you publicly! No authentication, no nothing. It is a public bucket,” a publish on 4chan offering particulars of the vulnerability reads. “DRIVERS LICENSES AND FACE PICS! GET THE FUCK IN HERE BEFORE THEY SHUT IT DOWN!”
This publish is for paid members solely
Turn out to be a paid member for limitless ad-free entry to articles, bonus podcast content material, and extra.
Join free entry to this publish
Free members get entry to posts like this one together with an e mail round-up of our week’s tales.
