Overview

• TeaOnHer surged to the No. 2 spot in Apple’s Lifestyle category within days of its early August launch.
• Security researchers discovered an unsecured API that allows anyone to access users’ email addresses, selfies and driver’s licenses.
• Administrative email credentials left on Newville Media’s server create a pathway for potential malicious control of the app.
• Developer Newville Media Corporation and CEO Xavier Lampkin have not responded to repeated inquiries about the security flaws.
• The original Tea app remains under FBI investigation, faces multiple class-action lawsuits and has paused messaging while offering identity protection to affected users.