One of the phrases I hate reading in breach disclosures is “at this time.” It’s a placeholder that sounds cautious but signals uncertainty. In the latest update from Tea, it shows up four times.

As I wrote last week, the Tea dating app breach appears to have started with a legacy system, left online for compliance. They seemed confident that the data exposure was limited to that outdated system, not affecting newer users. That distinction mattered. It helped them avoid notifying their growing user base and kept the scope of the incident tightly controlled.

But yesterday, private message archives from a much newer database were leaked.

These messages aren’t just metadata or email addresses. They contain deeply personal, private conversations. Some people are calling this a second breach. That might be true, but based on the timing and nature of the data, it’s more likely part of the same compromise.

Still, the company repeats: “At this time, we have found no evidence of access to other parts of our environment.”

This is the nightmare scenario in cybersecurity. You think you’ve contained the breach, and then something surfaces that tells you the hole is deeper than expected. The messages leaked yesterday will likely result in more disclosures and require additional explanation from the company. For this reason Tea is likely hoping this is the last time they need to update the disclosure.