Tea bills itself as a safety dating app for women, allowing users to anonymously share details about men they have met. A new app called TeaOnHer has emerged that attempts to flip the script, with men sharing information about women they date. And while Tea drew scrutiny last month after a data breach revealed user information, including potentially identifying details such as phone numbers and personal anecdotes, the copycat app seems to be suffering from the same problem.
TechCrunch discovered several security issues at TeaOnHer, which is currently second most popular lifestyle app on iOS. (Tea is the current leader despite the issues). The publication reported that it identified a security flaw that allowed anyone to access TeaOnHer user data, including usernames, email addresses, uploaded driver's licenses and selfies. It also found a possible second issue where the email address and plaintext password for Xavier Lampkin, founder and CEO of the app's developer, was left exposed. These credentials appear to offer access to TeaOnHer's admin panel, which is another security risk.