this post was submitted on 25 Jul 2025
617 points (98.4% liked)

Technology

73232 readers
4940 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
617
"Tea" app - user database leaked today (incl. drivers license & IDs). Daily reminder not to give your ID to online services [THEY DO NOT PROTECT YOUR INFORMATION] (lemmy.dbzer0.com)
submitted 1 day ago* (last edited 1 day ago) by themachinestops@lemmy.dbzer0.com to c/technology@lemmy.world
93 comments fedilink hide all child comments
 

Remember the UK new safety law. https://techcrunch.com/2025/07/15/reddit-rolls-out-age-verification-in-the-uk-to-comply-with-new-rules/

https://www.404media.co/women-dating-safety-app-tea-breached-users-ids-posted-to-4chan/

top 50 comments
sorted by: hot top controversial new old
[–] CriticalMiss@lemmy.world 7 points 12 hours ago (1 children)

A public S3 bucket? Whoever used the app should start a class action lawsuit, this is beyond misconduct.

[–] Hobo@lemmy.world 3 points 11 hours ago

Imagine the other gaping security holes in this thing if storing all the data on a public s3 bucket flew under the radar until after release.

[–] Zealousideal_Fox_900@lemmy.dbzer0.com 9 points 14 hours ago (3 children)

It was literally just a gossip site. Glad it got what it deserved, even if 4channers suck. The male version of this got shut down too.

[–] sugar_in_your_tea@sh.itjust.works 1 points 13 minutes ago

Gossip sites suck, but nobody deserves to get their data leaked.

[–] mang0@lemmy.zip 1 points 46 minutes ago

Saying 4channers suck is very similar to saying Lemmy users suck. Depends on board and instance respectively.

[–] inb4_FoundTheVegan@lemmy.world 2 points 11 hours ago

Just curious, what was the male version?

[–] refract@lemmy.dbzer0.com 14 points 23 hours ago (1 children)

I understand the reasoning for the public intent of the app and would generally support it within reason cause society right now amirite.. but its not so subtle real world application has now leaked a DB of catty women for whom the majority ALSO show massive red flags. This isn't a sexist men vs women critique, if there was an app for men to rate women and dox them I'd feel the same way. Love it when shitty people bamboozle themselves.

[–] ipkpjersi@lemmy.ml 7 points 15 hours ago* (last edited 15 hours ago)

I mean it's even in the app name that it's not about protecting women and keeping them safe, it's literally about "spilling the tea" aka gossip. It's pretty gross and can be used for nonconsenual sharing of images and even slander too since there's no way to know if what someone is writing on there about someone is true or not.

[–] HexesofVexes@lemmy.world 21 points 1 day ago (1 children)

I can't wait till I read a similar article about porn sites; especially one where the doxxed individuals are politicians.

[–] Invertedouroboros@lemmy.world 4 points 17 hours ago

I mean, we kinda already ended up there with the Ashley Madison hack in 2015. Problems with that site aside, I feel like it's kinda the blueprint for everything wrong with companies that retain personally identifable info on folks. If a company collects details like your driver's license, it's not a question of if it gets out but when. There's just no way to collect that sort of data and truly keep it safe.

But, it seems like we've kinda forgotten how to learn lessons in the modern day, so I'm sure this was an isolated issue and we'll never see it's like again.

(/s on that last part, just in case that wasn't blindingly obvious.)

[–] hiramfromthechi@lemmy.world 51 points 1 day ago (2 children)

Gives me no pleasure to add it to idcaboutprivacy

Free and open source—feel free to contribute.

load more comments (2 replies)
[–] RobotZap10000@feddit.nl 134 points 1 day ago (1 children)

4channer try not be bigoted for 1 nanosecond challenge (IMPOSSIBLE) (GONE SEXUAL)

[–] skisnow@lemmy.ca 55 points 1 day ago

Yeah there was absolutely no need to include unfounded racist shit about “DEI hires” but it seems to be some sort of rule in 4chan that you have to be a bigoted fucknut in order to post

[–] kibiz0r@midwest.social 55 points 1 day ago (6 children)

So like, when do we get a government-run service to issue zero-knowledge proofs about us so companies have no reason to store stuff like this in the first place?

[–] Godric@lemmy.world 22 points 1 day ago (2 children)

Oh aye, I am the #1 government truster, they should "not record" where I visit and should be trusted to ignore my internet history

[–] kibiz0r@midwest.social 11 points 1 day ago

They wouldn’t see what sites you give the tokens to — unless those sites choose to phone home, for some reason.

  • You log in to the government site
  • You ask for a token to prove your age/gender/whatever
  • You copy the token
  • You go to the age/gender-restricted site
  • You provide the token
  • The restricted site asks the government site how to verify any arbitrary token (but doesn’t mention your specific token)
  • The restricted site verifies the token
[–] Appoxo@lemmy.dbzer0.com 25 points 1 day ago (5 children)

If I had to choose between a government and a private entity to store my personal governmental records (e.g. age and name), I'd 100% choose the government first.

load more comments (5 replies)
load more comments (5 replies)
[–] traches@sh.itjust.works 132 points 1 day ago (6 children)

Damn, if they had PII in a public bucket like that it’s criminally negligent. Well, at least it should be but I’m no lawyer

load more comments (6 replies)
[–] orclev@lemmy.world 115 points 1 day ago* (last edited 1 day ago) (33 children)

Uh... What's the tea app?

Edit: from what I can gather based on the last link attached to this post it seems to be some kind of app for women to talk about men they've dated. Why that needs drivers license uploads is a whole other question and definitely should have raised some massive red flags for anyone thinking about using it.

[–] Melvin_Ferd@lemmy.world 56 points 1 day ago* (last edited 1 day ago) (3 children)

"talk"

They try to get a pass on this by saying it's about "safety" and reporting creeps. But it's filled with women posting dudes and gossip. It gives me the same vibes as those sites back in the day that were shut down because they were essentially revenge porn sites. Same shit different form.

load more comments (3 replies)
load more comments (32 replies)
[–] Vinstaal0@feddit.nl 11 points 1 day ago* (last edited 6 hours ago) (5 children)

Friendly reminder that some services do need your ID otherwise they cannot help you or at least they need to very you (accountants, notaries, etc)

edit: I can´t do your tax report if I 1 don´t identify you and 2 I don't have the social security for which I need to do the report

load more comments (5 replies)
load more comments
view more: next ›