Technologies

The Tea App Data Breach: What Was Exposed and What We Know About the Class Action Lawsuit

DMs, photo IDs and selfie photos were exposed in the hack.

Tea, a women’s dating safety app that recently surged to the top of the free iOS App Store listings, suffered a major security breach last week. The company confirmed Friday that it «identified authorized access to one of our systems» that exposed thousands of user images. And now we know that DMs were accessed during the breach, too.

Tea’s preliminary findings from the end of last week showed the data breach exposed approximately 72,000 images: 13,000 images of selfies and photo identification that people had submitted during account verification, and 59,000 images that were publicly viewable in the app from posts, comments and direct messages.

Those images had been stored in a «legacy data system» that contained information from more than two years ago, the company said in statement. «At this time, there is no evidence to suggest that current or additional user data was affected.»

Earlier Friday, posts on Reddit and 404 Media reported that Tea app users’ faces and IDs had been posted on anonymous online message board 4chan. Tea requires users to verify their identities with selfies or IDs, which is why driver’s licenses and pictures of people’s faces are in the leaked data.

And on Monday, a Tea spokesperson confirmed to CNET that it additionally «recently learned that some direct messages (DMs) were accessed as part of the initial incident.» Tea has also taken the affected system offline. That confirmation followed a report by 404 Media on Monday that an independent security researcher discovered it would have been possible for hackers to gain access to DMs between Tea users, affecting messages sent up to last week on the Tea app.

Tea said it has launched a full investigation to assess the scope and impact of the breach.

Class action lawsuit filed

One of the users of the Tea app, Griselda Reyes, has filed a class action lawsuit on behalf of herself and other Tea users affected by the data breach. According to court documents filed on July 28, as reported earlier by 404 Media, Reyes is suing Tea over its alleged «failure to properly secure and safeguard … personally identifiable information.»

«Shortly after the data breach was announced, internet users claimed to have mapped the locations of Tea’s users based on metadata contained from the leaked images,» the complaint alleges. «Thus, instead of empowering women, Tea has actually put them at risk of serious harm.»

Tea also has yet to notify its customers personally about their data being breached, the complaint alleges.

The complaint is seeking class action status, damages for those affected «in an amount to be determined» and certain requirements for Tea to improve its data storage and handling practices.

Scott Edward Cole of Cole & Van Note, the law firm representing Reyes, told CNET he is «stunned» by the alleged lack of security protections in place.

«This application was advertised as a safe place for women to share information, sometimes very intimate information, about their dating experiences. Few people would take that risk if they’d known Tea Dating put such little effort into its cybersecurity,» Cole alleged. «One chief goal of our lawsuit is to compel the company to start taking user privacy a lot more seriously.»

Tea didn’t immediately respond to a request for comment on the class action lawsuit.

What is the Tea app?

The premise of Tea is to provide women with a space to report negative interactions they’ve had while encountering men in the dating pool, with the intention of keeping other women safe.

The app is currently sitting at the No. 2 spot for free apps on Apple’s US App Store, right after ChatGPT, drawing international attention and sparking a debate about whether the app violates men’s privacy. Following the news of the data breach, it also plays into the wider ongoing debate around whether online identity and age verification pose an inherent security risk to internet users.

In the privacy section on its website, Tea says: «Tea Dating Advice takes reasonable security measures to protect your Personal Information to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction. Please be aware, however, that despite our efforts, no security measures are impenetrable.»

Technologies

Samsung’s Galaxy Watch Ultra 2 Might Come in 5G and 4G Cellular Models

If the rumor proves true, the 5G Galaxy Watch Ultra would rival the 5G-enabled $799 Apple Watch Ultra 3 that debuted last fall.

Samsung’s next high-end Galaxy Watch could support faster 5G speeds, but if this leak is true, it will depend on where you live. The rumored Samsung Galaxy Watch Ultra 2 might come in 5G and 4G cellular models, with availability for each smartwatch depending on the country.

According to the Dutch website Galaxy Club (and spotted by SamMobile), Samsung’s servers may have revealed a series of model numbers that point to 5G, 4G and Wi-Fi-enabled editions of the next Galaxy Watch Ultra, which would succeed the original model that debuted in 2024.

A representative for Samsung did not immediately respond to a request for comment.

The Galaxy Club website speculates that the 5G edition would be sold in the US and Korean markets, while the 4G edition would sell in the rest of the world. In the US, a 5G version of the Galaxy Watch Ultra would rival the 5G-enabled $799 Apple Watch Ultra 3, which debuted last fall. The 4G edition would have broader compatibility worldwide, since the earlier network is far more established.

It will likely be a few months until we hear anything official about the Galaxy Watch Ultra 2. Samsung typically unveils its new watches in the summer alongside its Galaxy Z Fold and Z Flip foldable phones. Last year, Samsung unveiled the Galaxy Watch 8 and the Galaxy Watch 8 Classic, but otherwise left the prior 2024 Ultra in the lineup for those looking for a larger 47mm smartwatch.

Technologies

2 Cases Show Supreme Court Isn’t Holding ISPs Responsible for Piracy

Technologies

Today’s NYT Connections Hints, Answers and Help for April 8, #1032

Here are some hints and the answers for the NYT Connections puzzle for April 8, No. 1032.

Looking for the most recent Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle, Connections: Sports Edition and Strands puzzles.

Today’s NYT Connections puzzle is kind of tough. The purple category is a fun one, once you see the connection. Read on for clues and today’s Connections answers.

The Times has a Connections Bot, like the one for Wordle. Go there after you play to receive a numeric score and to have the program analyze your answers. Players who are registered with the Times Games section can now nerd out by following their progress, including the number of puzzles completed, win rate, number of times they nabbed a perfect score and their win streak.

Read more: Hints, Tips and Strategies to Help You Win at NYT Connections Every Time

Hints for today’s Connections groups

Here are four hints for the groupings in today’s Connections puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: In the group.

Green group hint: Appearance details.

Blue group hint: Often found in gyms.

Purple group hint: They help you see.