🤖 AI Summary
Overview
This episode delves into the catastrophic data breach of the Tea app, a women-focused dating safety platform, exposing sensitive user data. It explores the technical failures behind the breach, the fallout for users, and the creative (and controversial) ways developers have exploited the leaked data.
Notable Quotes
- It’s kind of sad that an app meant to help women stay safe ended up harming them instead.
- You actually have to go out of your way to screw up Firebase this bad.
- Between your AI coding agent bills, your AI girlfriend bills, and your cloud hosting bills, it’s never been more expensive to be a 10x developer.
🛡️ The Tea App and Its Purpose
- Tea was designed as a women-only platform to share warnings about problematic men encountered on dating apps.
- Users were required to verify their identity with a selfie and ID, aiming to create a safe space for women.
- Ironically, the app’s mission to protect women backfired spectacularly due to its poor data security practices.
💥 The Data Breach: What Went Wrong
- On July 25, 2025, Tea confirmed a breach of its Firebase storage bucket, which was left unencrypted and publicly accessible.
- The breach exposed 72,000 images, including selfies and ID photos, along with 1.1 million posts, comments, and messages.
- Firebase’s UI provides multiple warnings about insecure settings, making the oversight particularly egregious.
- Despite claiming selfies would be deleted post-verification, the app retained them, raising questions about dishonesty or incompetence.
🖥️ Developer Reactions and Exploitation of Leaked Data
- The leaked data became a playground for developers, with projects ranging from data analysis scripts to Google Maps visualizations of user locations.
- One developer controversially created a website ranking users based on their appearance, further victimizing those affected.
- The breach sparked widespread ridicule of the app’s users, with derogatory terms like roasties
trending online.
⚙️ The Role of Vibe Coding
and Amateur Development
- Tea’s creator, Shawn Cook, had only six months of coding experience, raising concerns about the app’s technical foundation.
- Critics labeled the app vibecoded slop,
suggesting it was hastily and poorly developed.
- The incident highlights the risks of inexperienced developers handling sensitive user data without robust security measures.
📜 Broader Implications for Online Safety
- The breach coincided with new age verification laws for adult websites in the UK and parts of the US, sparking fears of similar data leaks.
- The episode underscores the growing tension between privacy, security, and the increasing regulatory oversight of online platforms.
AI-generated content may not be accurate or complete and should not be relied upon as a sole source of truth.
📋 Video Description
Get up to 67% off VPS at Hostinger. Use code FIRESHIP for an extra discount at https://hostinger.com/fireship
In today's video, we'll find out how the tea app was compromised and look at all the hilarious stuff developers have been building with the hacked data.
#teaapp #tech #coding #programming
💬 Chat with Me on Discord
https://discord.gg/fireship
🔗 Resources
https://techcrunch.com/2025/07/26/dating-safety-app-tea-breached-exposing-72000-user-images/
🔥 Get More Content - Upgrade to PRO
Upgrade at https://fireship.io/pro
Use code YT25 for 25% off PRO access
🎨 My Editor Settings
- Atom One Dark
- vscode-icons
- Fira Code Font
🔖 Topics Covered
- How the Tea app got hacked
- Who is Sean Cook?
- How to not set up Firebase
- Online Safety Act
- Did vibe coding cause the Tea app hack?