Techly NewsGet the app

Get the latest tech news

How we found TeaOnHer spilling users’ driver’s licenses in less than 10 minutes


Exclusive: A dating gossip app for men exposed thousands of users' personal data, including scans of driver's licenses. The app's developer, Xavier Lampkin, won't say if he plans to notify affected users about the app's security lapse.

But much like Tea, the dating-gossip app for women it was trying to replicate, TeaOnHer had gaping holes in its security that exposed its users’ personal information, including photos of their driver’s licenses and other government-issued identity documents, as TechCrunch reported last week. The API page showed that the admin panel, used for the document verification system and user management, was located at “localhost,” which simply refers to the physical computer running the server and may not have been directly accessible from the internet. The records returned from TeaOnHer’s server contained users’ unique identifiers within the app (essentially a string of random letters and numbers), their public profile screen name, and self-reported age and location, along with their private email address.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of driver

driver

Photo of users

users

Photo of minutes

minutes

Related news:

News photo

Microsoft asks users to ignore certificate enrollment errors

News photo

First antidote for carbon monoxide poisoning "cleans" blood in minutes | An engineered protein that acts like a molecular sponge has the potential to change how carbon monoxide poisoning is treated

News photo

Some users report their Firefox browser is scoffing CPU power

« How Big Tech is paying its way out of Trump's tariffs
Apple's 14-Inch M4 MacBook Pro Gets Steep $300 Discounts, Starting at $1,299 »