Chat & Ask AI Exposed: Firebase Misconfig Leaks Database; Tea App Theft Uncovers 1.1 Million Private Messages
A security researcher flagged a critical vulnerability: the Chat & Ask AI app's database was exposed due to a Firebase misconfiguration. Separately, the Tea app experienced a major data breach, with a second database allegedly surfacing on hacking forums containing 1.1 million private messages.
The chatter focuses squarely on two distinct failures. lemmydev2 reported the initial Firebase exposure. This user later amplified the damage, citing the Tea app’s second breach, pointing to 1.1 million leaked chats. BrikoX reiterated the scope of the Tea leak, emphasizing the sheer number of exposed private messages.
The weight of the conversation points to severe, uncontained data leakage across multiple, disparate apps. The clear fault line is developer security oversight, showing basic infrastructure misconfigurations (Firebase) and third-party app vulnerabilities (Tea) are wide open.
Key Points
#1Chat & Ask AI database was openly exposed.
lemmydev2 detailed a security researcher finding the leak traced to a Firebase misconfiguration.
#2Tea app breach worsened significantly.
lemmydev2 reported a second database, suggesting 1.1 million private messages are now compromised.
#3Private message leakage is massive.
BrikoX highlighted the sheer scale of the Tea app fallout with the 1.1 million message count.
#4Vulnerabilities stem from basic backend errors.
The technical failure points directly at misconfigurations in Firebase and poor data handling in app development.
Source Discussions (3)
This report was synthesized from the following Lemmy discussions, ranked by community score.