Table of Contents
What Is TeaOnHer and Why It Matters
TeaOnHer is a newly launched iOS app created for men to share images and details about women they dated. Its name and concept mimic the popular Tea app, which let women post about men in a “safety sharing” format. While Tea gained viral traction and boasted over 6 million users, it also sparked controversy after a hack exposed thousands of private images and messages. That incident is covered in detail in our earlier article, “Tea App 4chan Hack Data Leak” on Squaredtech.
Read More About Our Article of Tea App Data Breach Exposes 13,000 Women’s Photos and IDs to 4chan Hackers Published on July 26th, 2025 SquaredTech
TeaOnHer positions itself as a counterpoint to Tea, borrowing similar language in its App Store description. However, this male-focused version has serious security flaws. Soon after its launch, TechCrunch revealed that TeaOnHer exposed user data publicly, including driver’s licenses and selfies, via unprotected web links. As an app climbing to No. 2 in the Lifestyle category and ranking ahead of major apps like Instagram and Uber, TeaOnHer’s poor data hygiene poses real risk to its tens of thousands of users.
Public Data Exposure: TeaOnHer App Leaks Driver’s Licenses, Selfies, Emails
TechCrunch uncovered that TeaOnHer stores user-uploaded images, including government-issued ID cards and selfies on web servers with publicly accessible URLs. Anyone with the link can view them without logging in. That means user’s most sensitive documents are vulnerable to anyone who stumbles upon or guesses the URL.
In one instance, TechCrunch discovered a system generated list of posts containing each user’s email address, location, and display name, alongside their images. This view appeared in a format that exposed every detail in plain sight. That user data is now public and unprotected.
While TeaOnHer claims to verify identity using uploaded IDs, the process is manual, slow, and insecure. Worse, the app offers a “Guest” view, which allows browsing without signing in. In minutes, TechCrunch accessed explicit images of a naked woman that had been reposted under multiple fake profiles. These images appeared with abusive commentary names like “easy” and accusations of STIs raising ethical questions around consent and content moderation.
Exposed Admin Credentials Create Security Nightmare
At a deeper layer of the problem, TechCrunch identified that TeaOnHer had left admin credentials specifically an email and plaintext password publicly exposed on its server. The login matched the identity of the app’s founder, Xavier Lampkin of Newville Media Corporation. According to LinkedIn, Lampkin is the CEO of the company that published TeaOnHer on the App Store.
These admin credentials likely grant access to the app’s internal dashboard, where data can be modified, deleted, or compromised. Although TechCrunch did not use the credentials (to avoid legal violations), the fact they were visible in plaintext highlights glaring server security failures. Anyone with technical knowledge could have captured those credentials and taken control of user information or manipulated content.
Guest Access Means No Accountability, No Security
One of the most alarming features in TeaOnHer is the guest access mode, which unlocks content without any login needed. This leaves the app open to abuse, misinformation, and harassment. TechCrunch accessed multiple posts many featuring explicit images of women posted under different aliases. The same image appeared several times with hateful language and user-generated labels.
Some posts claimed STI exposure or called women derogatory names. Since the content is accessible publicly, there is no age gate, consent mechanism, or moderation in place. That amplifies risk and indicates a disturbing lack of oversight by the app’s developers.
Long-Term View: Insufficient App Security Is No Excuse
We monitor tech scandals with an eye on user safety. TeaOnHer repeats the mistakes of Tea but with even less accountability. The Tea app suffered a breach revealing over 72,000 images and 1 million private messages, as detailed in our previous coverage. Now, TeaOnHer mirrors those failures and adds even deeper errors such as admin login exposure.
Despite multiple contact attempts, TeaOnHer’s team did not respond to requests for comment or bug reporting. That silence leaves users unprotected and without recourse. As the app continues to climb App Store ranks with 53,000 active users, the exposure of private IDs and credentials is nothing short of alarming.
Users who signed up, uploaded driver’s licenses or selfies, and posted content are now at risk of identity theft, impersonation, or public exposure. TeaOnHer has created a public database that anyone can browse undermining legal privacy standards and user trust.
Squaredtech Advice: Protect Yourself and Avoid the App
If you have used TeaOnHer:
- Remove Personal Data Immediately: Delete any driver’s license or selfie uploads from the app.
- Revoke Connected Accounts: If you used the same email or password elsewhere, change those credentials immediately.
- Monitor for Identity Exposure: Watch for suspicious activity credit alerts, unexpected login attempts, or identity misuse.
- Avoid Guest Browsing: Never open the app without an account it exposes you to content that may tie metadata to your identity.
TeaOnHer is a case study in how viral app success can outpace responsible development. Without basic security like access control, encrypted credential storage, or verified content moderation, an app should never collect personal data.
Final Word from Squaredtech.co
TeaOnHer offers a cautionary tale about fast moving platforms in the digital era: viral traffic without proper safeguards equates to widespread privacy abuse. As we’ve shown in our earlier article on the Tea app hack via 4chan, even mainstream apps can collapse from lax security. TeaOnHer takes that negligence further by exposing admin access and user credentials directly.
At Squaredtech.co, we believe app developers must prioritize security before scale. TeaOnHer’s failure to do so has put thousands at risk. Apple and other platforms should enforce stricter vetting especially for apps requesting user IDs and sensitive content.
TeaOnHer may dominate charts today, but without urgent fixes and accountability, it risks becoming a privacy liability for all its users. Contact your app store provider if you encounter similar data exposure issues and always prioritize apps that respect your data.
Stay Updated: Tech News
