The company should be sued into the ground. This is horrendous

"Sir, we've already been breached once!"

"But what about second breach?"

They hired an investigator? Any investigator worth a shit is gonna say that they're liable for failing to secure private data they collected, as well as for retaining data they were apparently legally obligated to delete

Edit: Misread that segment, they actually presented it as if they were deleted to users, but apparently retained them to comply with vague "law enforcement requirements."

Both the company, for failing to protect its users; and a large majority of its users, for doxxing and libel.

Its unfortunate that it happened this way, but now the people who are being libeled against and doxxed have the ability to find out about it where they didn't before.

In any other engineering discipline this would he negligence.

It sucks for those people, but everyone should expect anything they say online to be possibly tied back to them. Secrets and identification information don't mix. Especially online. The good news is that there is no evidence any of it is real, anyone can lie on the site saying whatever they want, so if doxed someone can just say they were bored and wanted to fit in and see what others were discussing or such. Hopefully for them it doesn't turn into people getting hurt for talking behind someone's back like it often does offline.

The Tea app is a women-only dating safety platform where members can share reviews about men, with access to the platform only granted after providing a selfie and government ID verification.

This sounds irresistible for angry misogynists. The only thing that surprises me about this is that it didn’t happen earlier.

This is why you don’t vibe code a webservice

At least they’re honest, they did spill tea.

A whole lot of tea.

"Stop attacking us guys we just want to do a little misandry" -Tea app

fuck off with that complacency

there's so much underlying rules for private communication between computer systems, this type of thing is pure neglect boardering on international.

there's no reason to think everything online should be open and available. we should all be allowed to be in private spaces, especially if it's advertised as a private space

Everyone is talking about the poor security practices, which is fair. Or they are talking about the appropriateness of such an app existing, which is also fair.

But the immediate take away should be, especially in today’s political environment, that we cannot and should not trust sensitive data that leaves our device, particularly if you are of any kind of non privileged group.

Ostensibly, a noble goal. Practice is a bit more fuzzy.

Also: nothing is ever new

People complaining here that security was to lax, people complaining in the next thread that the libre dev is the victim because security was to high.

Is it possible to get both balanced, yes. But it will never make everyone happy.

Just another story where victims go on to become absuers it seems.

I'm not going to hold it against women for having a private group to tell on predatory dudes when this existed and nobody ever faced any consequences. What We Learned About the 70K-Person Telegram Channel on How to Rape Women

The only thing that surprises me about this is that it didn’t happen earlier.

I'm way out of the dating game at this point, and also a man, so it's very likely that I'm just out of the loop

But I hadn't heard anything about this app until a couple weeks ago when I saw an article or two about it

Then about a week later this happened

So I kind of feel like maybe most of the assholes who did this were similarly unaware of it until it got some exposure and then it was on their radar.

I would certainly imagine that most women using this app probably weren't telling the angry misogynists in their lives about this app.

the entire UK government disliked this comment

You get 89 cents in the settlement. Do you prefer to get a direct deposit or a check?