The Paradox of "Anti-Cyberbullying" and Data Retention
Women-only community app "Tea" officially acknowledged an image data leak incident. Among 72,000 leaked photos, approximately 13,000 were selfies and ID card images used for user verification. This incident is not simply hacking — it's a structural crisis caused by insufficient security in the platform's initial design and a data retention approach that lost balance between legal requirements.
On July 25, 2025 at 6:44 AM (US Pacific time), Tea detected "unauthorized access" in its system and immediately launched an investigation. External cybersecurity experts confirmed approximately 72,000 images of users who joined before February 2024 were leaked: 13,000 were selfies and ID photos submitted for user identity verification; the remaining 59,000 were images exposed in app posts, comments, and messages. The company stated: "This data was leaked from archives retained for cyberbullying investigations and law enforcement agency requirements."
The leak originated in Tea's early storage (legacy storage). The company conducted a security-enhanced system migration as of February 2024, but some previous content was confirmed to not have been migrated and remained in the old structure. The image storage links (identifier links) used during initial development were still accessible and had not been properly disposed of, and the original images were exposed en masse by unauthorized external parties.
Tea had mandated selfie and ID verification through 2023 for platform verification, and it retained this data to cooperate with cyberbullying investigations. But the risks of storing IDs conflict with privacy protection regulations, and long-term retention without a legal basis may violate GDPR and similar international standards.
Tea clarified that "email addresses and phone numbers were not leaked" and that "users who joined after February 2024 are unrelated to this leak." However, concerns persist about possible impersonation crimes from the ID leakage, the potential for deepfake misuse, and a collapse of trust over "selfies believed deleted still being retained."
The key lesson: "ID storage must be minimized and encrypted, automatically deleted when the purpose expires." "Data users 'believe they deleted' must actually be deleted — transparent data management determines platform trust." Trust begins from "invisible security design."
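One way to turn the lesson above into a recurring storage audit, added here as an example and not Tea's code. The record fields, the retention windows, the rule that a user's deletion is honored unless an investigation is still open, and the inventory rows are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Assumed policy (not from the article): how long to keep an image after its purpose ends.
RETENTION = {
    "id_verification": timedelta(0),            # purge once the check is decided
    "abuse_investigation": timedelta(days=90),  # purge 90 days after the case closes
}

@dataclass
class StoredImage:
    key: str
    purpose: str                       # why the image is being kept
    purpose_ended: Optional[datetime]  # None while the check or case is still open
    store: str                         # "current" or "legacy" (pre-migration)
    encrypted: bool
    link_public: bool                  # reachable by URL without authorization
    user_deleted: bool = False         # the user asked for deletion

def audit(img: StoredImage, now: datetime) -> list[str]:
    """Return the remediation actions one stored image needs."""
    window = RETENTION.get(img.purpose)
    open_case = img.purpose == "abuse_investigation" and img.purpose_ended is None
    expired = window is None or (      # no documented purpose counts as expired
        img.purpose_ended is not None and now - img.purpose_ended >= window)
    if expired or (img.user_deleted and not open_case):
        return ["DELETE"]              # nothing else matters once the object is gone
    checks = [(img.link_public, "REVOKE_LINK"), (not img.encrypted, "ENCRYPT"),
              (img.store == "legacy", "MIGRATE")]
    return [action for needed, action in checks if needed]

NOW = datetime(2025, 7, 25)
CLOSED = datetime(2025, 7, 1)
# Constructed inventory rows for illustration only.
INVENTORY = [
    StoredImage("legacy/id/0001.jpg", "id_verification", datetime(2023, 5, 1), "legacy", False, True),
    StoredImage("legacy/post/0002.jpg", "abuse_investigation", None, "legacy", False, True),
    StoredImage("current/post/0003.jpg", "abuse_investigation", CLOSED, "current", True, False),
    StoredImage("current/post/0004.jpg", "abuse_investigation", CLOSED, "current", True, False, True),
]

def run_audit() -> dict[str, list[str]]:
    return {img.key: audit(img, NOW) for img in INVENTORY}

if __name__ == "__main__":
    for key, actions in run_audit().items():
        print(key, actions or ["OK"])
```

Running the audit against the full object inventory of every store, including pre-migration ones, is what catches content that a migration left behind.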
