Tea Dating Advice Inc.’s popular app, designed for women to share anonymous insights about men, is currently facing a multitude of legal challenges following a significant data breach. This breach reportedly compromised thousands of personal images, ID photos, and private messages.
As of now, Tea is contending with ten potential class action lawsuits filed in various federal and state courts. The overarching claim in these lawsuits is that the company exhibited negligence regarding its data handling practices and violated contractual obligations to its users.
Legal experts have indicated that these lawsuits could lead to monetary damages in the tens of millions of dollars, which, if realized, could pose a severe threat to the company’s financial stability. Tea has not commented on the ongoing lawsuits.
Background of the Tea App
Launched in late July, the Tea app gained rapid popularity, quickly ascending the Apple App Store rankings as users sought to exchange information regarding their dating experiences. The platform allows users to upload images of men and categorize them as “red flags” or “green flags,” alongside other pertinent details. As of the latest reports, the app maintained a rank of third among the top free applications on Apple’s platform.
Details of the Data Breach
The initial data breach took place on July 25, involving around 72,000 images, with nearly 59,000 of those containing readable messages. Just two days later, another security incident came to light, revealing that over 1.1 million user direct messages from early 2023 until very recently were accessible due to the breach. Tea acknowledged that some direct messages were accessed as part of the earlier security lapse.
Legal Implications and User Impact
One of the plaintiffs, Griselda Reyes, who had recently registered for the app, learned that her information was affected by the breach, prompting her to look into credit monitoring and identity theft protection services. Following her case, a judge permitted that her lawsuit be linked with another plaintiff’s case, highlighting the widespread concern among users regarding the implication of their shared information.
Allegations Against Other Platforms
Some lawsuits have named additional defendants, such as the online platforms 4chan and X, accusing them of enabling the distribution of leaked personal data. Reports indicate that prior to the breach, users on 4chan initiated discussions about launching a “hack and leak” campaign. Just after the data leak, a user from 4chan reportedly shared a link to download data from the breached database, which subsequently circulated on X.
User Experiences Post-Breach
Many users, including an anonymous individual who spoke to NBC News, have expressed feelings of anxiety and paranoia following the breach. This user articulated that the app, initially aimed at women’s safety, had undermined its promise of anonymity and security.
Future Considerations for the Company
Experts note that while it may be straightforward to establish liability in cases like this, proving the extent of damages could be more complicated. Nevertheless, the way user data has allegedly been misused online could make defending against the damage claims more challenging for Tea.
The magnitude of these lawsuits is still unfolding, but several are already claiming damages upwards of $5 million. Legal professionals anticipate that settlements in similar high-profile cases have reached up to hundreds of millions, particularly affecting smaller companies like Tea, which, according to its LinkedIn profile, operates with only five employees.
Community Reaction and Ongoing Monitoring
With over six million users registered on the app, the impact of these events may pose both reputational and operational risks for Tea if confidence among its user base diminishes. Experts suggest that maintaining user trust will be vital for the company’s existence amid these legal battles.
As the legal landscape evolves, users affected by the breach may find themselves involved in proceedings that could lead to significant compensation or further measures aimed at restitution for the breach of trust experienced through the platform.
