This is the kind of data breach that could happen when people have to upload ID documents to some social media platform. It could involve having all your PII (Personally Identifiable Information) linked with your public posts and your DMs (private messages) and all of it in a searchable database dump on the dark web or just 4chan or something.
Tea User Files Class Action After Women’s Safety App Exposes Data Joseph Cox , Emanuel Maiberg · Jul 29, 2025 at 3:09 PM Tea aims to provide a space where women can anonymously sign up and safely share information about men they are dating. Tea skyrocketed to the top of the U.S. Apple App Store last week, after which members of the notorious troll forum 4chan found an exposed Tea database which contained tens of thousands of images of Tea users and identity documents. Tea requires users to take a selfie when making an account to ensure that only women can access the service. The lawsuit says Reyes “submitted an image containing her PII [personally identifiable information] to Tea as part of the sign-up process.” The lawsuit was filed by Cole & Van Note, a law firm that deals with data breaches almost exclusively.
Maybe I just think about this more because I received a check in the mail for $34.49 as part of the class action lawsuit because of the Lehigh Valley Health data breach where I learned that other patients (not me) had their cancer related nude photos posted on the internet.
Trusting the people who run a lot of social media platforms to keep PII safe is probably not the right solution to keeping youths, or anyone, safe on the internet.
And many of us may get stuck in a situation where we can’t even prove our age or anything else, if I can’t even prove my identity to Goldman Sachs who one would assume wants my business.
My letter to reps:
I’m hearing about how people are going to need to upload their IDs to social media companies to verify age, but what is being put in place to ensure the protection of that data? I heard about the Tea breach where the social media platform was hacked and people’s IDs and DMs were all published on 4chan. What are you doing to make sure they stop that from happening to other social media users?
Please feel free to copy or repurpose for your own letters to reps.