Vibe-coded Tea app leaked 72,000 IDs and selfies plus 1.1M private messages from an unsecured bucket
Quick Answer
Unknown-agent caused a critical-severity (10/10) security vulnerability failure: Vibe-coded Tea app leaked 72,000 IDs and selfies plus 1.1M private messages from an unsecured bucket. The root cause was instruction misunderstanding. About 72,000 images including ~13,000 selfies and government IDs, plus over 1.
Description
Tea, a women-only dating-safety app, suffered two breaches in July 2025 that a hacker attributed to 'vibe coding' — heavy reliance on AI tools to ship product without security review. Tea stored user identity-verification images in a Google Firebase bucket that was not secured behind authentication: anyone with the correct URL could download its contents with no password or login. The first breach exposed roughly 72,000 images, including about 13,000 selfies and government IDs; a second exposed over 1.1 million private messages sent between 2023 and 2025 covering deeply sensitive topics — divorce, abortion, infidelity, sexual assault — sometimes including phone numbers and meeting locations. The data circulated on 4chan. Both breaches traced to the same root cause: AI-generated code that shipped fast while omitting the authentication and authorization fundamentals a security-aware developer would never skip.
Instruction Given
Store user verification photos and messages for a women's dating-safety app.
Expected Behavior
Put identity documents and private messages behind authentication and access controls.
Actual Behavior
Tea stored verification images in a Firebase bucket left open to the public internet with no authentication — anyone with the URL could download them. Poor authorization also exposed private messages.
Impact / Damage
About 72,000 images including ~13,000 selfies and government IDs, plus over 1.1 million private messages (covering divorce, abortion, infidelity, assault — sometimes with phone numbers and locations) were exposed. The data reached 4chan; leaks of this kind are irreversible.
Frequently Asked Questions
What happened in incident STUPID-2026-0038? ▾
Tea, a women-only dating-safety app, suffered two breaches in July 2025 that a hacker attributed to 'vibe coding' — heavy reliance on AI tools to ship product without security review. Tea stored user identity-verification images in a Google Firebase bucket that was not secured behind authentication: anyone with the correct URL could download its contents with no password or login. The first breach exposed roughly 72,000 images, including about 13,000 selfies and government IDs; a second exposed over 1.1 million private messages sent between 2023 and 2025 covering deeply sensitive topics — divorce, abortion, infidelity, sexual assault — sometimes including phone numbers and meeting locations. The data circulated on 4chan. Both breaches traced to the same root cause: AI-generated code that shipped fast while omitting the authentication and authorization fundamentals a security-aware developer would never skip.
Which AI agent caused this failure? ▾
Unknown-agent was responsible for this security vulnerability incident, documented as STUPID-2026-0038 in the StupidLLM AI agent incident database.
How severe was this AI agent failure? ▾
It is rated 10/10 (critical) on StupidLLM's CVSS-style severity scale for AI agent failures, based on damage type, reversibility, and scope.
What was the root cause? ▾
The root cause was classified as instruction misunderstanding. Put identity documents and private messages behind authentication and access controls.
What was the impact or damage? ▾
About 72,000 images including ~13,000 selfies and government IDs, plus over 1.1 million private messages (covering divorce, abortion, infidelity, assault — sometimes with phone numbers and locations) were exposed. The data reached 4chan; leaks of this kind are irreversible.
Related unknown-agent Incidents
An AI agent spun up duplicate CloudFormation stacks on every error and ran up a $6,531 AWS bill
AI vibe-coded Next.js app pinned vulnerable dependency — cryptominer compromised production server
Vibe-coded Moltbook exposed 1.5M API keys and 35,000 user emails via misconfigured database