A second, main safety challenge with girls’s courting security app Tea has uncovered way more person information than the primary breach we first reported final week, with an impartial safety researcher now discovering it was potential for hackers to entry messages between customers discussing abortions, dishonest companions, and cellphone numbers they despatched to 1 one other. Regardless of Tea’s preliminary assertion that “the incident concerned a legacy information storage system containing info from over two years in the past,” the second challenge impacting a separate database is way more current, affecting messages up till final week, in response to the researcher’s findings that 404 Media verified. The researcher mentioned in addition they discovered the power to ship a push notification to all of Tea’s customers.
It’s laborious to overstate how delicate this information is and the way it may put Tea’s customers in danger if it fell into the incorrect palms. When signing up, Tea encourages customers to decide on an nameless screenname, but it surely was trivial for 404 Media to seek out the actual world identities of some customers given the character of their messages, which Tea has led them to imagine had been non-public. Customers might be simply discovered by way of their social media handles, cellphone numbers, and actual names that they shared in these chats. These conversations additionally steadily make damning accusations towards people who find themselves additionally named within the non-public messages and in some instances are simple to determine.
This publish is for paid members solely
Grow to be a paid member for limitless ad-free entry to articles, bonus podcast content material, and extra.
Join free entry to this publish
Free members get entry to posts like this one together with an electronic mail round-up of our week’s tales.
