Men’s Tea App Exposes User Data and Driver’s Licenses
▼ Summary
– TeaOnHer, a new app for men to share photos and info about women they’ve dated, has exposed users’ personal data, including government IDs and selfies.
– The app is a response to the controversial Tea app, which allows women to post about men they date and recently suffered a data breach exposing 72,000 images.
– TeaOnHer has security flaws allowing public access to user data like emails, driver’s licenses, and selfies, with 53,000 users affected at the time of reporting.
– The app’s creator, Xavier Lampkin, had his own data exposed, and admin credentials for the app were left unprotected on a server.
– TeaOnHer ranks No. 17 among free iOS apps and features troubling content, including non-consensual nude photos and derogatory posts about women.
A controversial new app called TeaOnHer, designed as a male counterpart to the viral women’s dating safety app Tea, has exposed sensitive user data, including driver’s licenses and selfies, due to critical security flaws. TechCrunch verified that personal information from thousands of users was left publicly accessible, raising serious privacy concerns.
The app, which surged to the No. 2 spot in Apple’s Lifestyle category shortly after launch, mirrors Tea’s concept but reverses the gender dynamic. Tea, with over 6 million users, allows women to anonymously share experiences about men they’ve dated, sparking debates about accountability and unverified claims. Last week, Tea itself faced backlash when hackers leaked thousands of verification photos and private messages from its database.
TeaOnHer’s vulnerabilities go beyond ethical concerns, its technical flaws put users at risk. Investigators found that driver’s licenses, email addresses, and selfies uploaded for verification were stored on unsecured servers, accessible via simple web links. In one instance, posts included users’ email addresses and self-reported locations. While TechCrunch withheld specific exploit details to prevent misuse, the scale of exposure suggests nearly 53,000 users could be affected.
Further compounding the issue, an admin-level email and password linked to the app’s creator, Xavier Lampkin, were discovered in plaintext on a server. Though unused by investigators, these credentials could have granted unauthorized access to backend systems. The developer, Newville Media Corporation, did not respond to requests for comment.
Beyond security lapses, TeaOnHer’s content raises red flags. Despite requiring ID verification for full access, the app permits unrestricted “guest” browsing. Within minutes of testing this feature, TechCrunch encountered explicit images of a woman posted repeatedly under fake names, raising questions about consent. Other posts featured women’s photos alongside derogatory labels or unsubstantiated health accusations.
Despite these issues, TeaOnHer’s popularity continues to climb, currently ranking above mainstream apps like Instagram and Netflix in free downloads. Its rapid rise highlights ongoing tensions around privacy, retaliation, and the unchecked spread of personal data in niche social platforms. With no fixes confirmed, users are advised to exercise extreme caution.
(Source: TechCrunch)
