Insights
Breach and Tell: Microsoft vs. Tea in the Crisis Hot Seat
Jonathan Provencher
August 14, 2025
|
2
min read

Tea, a rapidly growing dating platform, suffered a catastrophic security breach when hackers leaked more than 72,000 images – including selfies, government IDs, and private post photos. The blow worsened days later when a second breach exposed over 1.1 million private messages, revealing real names, phone numbers, and linked social media accounts.

The communications response? Initially, silence.

Tea’s social media channels went dark in the crucial first 48 hours, fueling anger, speculation, and the perception of evasiveness. Only after public outcry mounted did the company confirm the incidents, disable its direct messaging system, and announce that it was working with cybersecurity experts and law enforcement. By then, the damage was reputational as much as technical – users felt betrayed by a platform that had marketed itself as a safe, private space.

Microsoft, meanwhile, faced its own crisis when cybersecurity researchers disclosed that a Chinese-linked threat group had exploited a zero-day vulnerability in SharePoint, infiltrating multiple industry systems.

Within days of the disclosure, Microsoft issued emergency patches and launched a coordinated crisis communications effort. Updates were pushed through its official blog, security advisories, and the Microsoft 365 Status account on X (formerly Twitter), with clear, actionable guidance for customers on identifying compromise and applying fixes. The messaging was consistent, transparent, and reinforced the urgency of immediate action.

Two breaches. Two very different playbooks.

In today’s cyber environment, the question isn’t if you’ll face a security incident – it’s when. When disaster strikes, the first 24 hours are critical:

  • Assess whether the incident is a true crisis.
  • Align leadership on a unified strategy.
  • Decide if and when to bring in external experts.
  • Communicate early, often, and with substance, not spin.

We unpacked these lessons in our recent webinar on crisis communications leadership in a data breach, covering how to:

  • Contain reputational damage quickly.
  • Communicate effectively with customers, partners, and employees.
  • Build strong pre-incident relationships with government and regulators.

You can watch the entire webinar here.

Don’t wait for a crisis to plan your response. Preparation and practice are the only ways to ensure your organization is ready.

Recent Articles

Matt Roth
October 31, 2025
The New AI Vocabulary for 2026: 12 Terms Every Communicator Needs to Know
We’re deep into planning season again. As communicators and marketers look toward 2026, one truth is clear
Read More
Wojtek Dabrowski
October 10, 2025
When the Threat Comes from Within: What the RBC Insider Case Teaches About Crisis Communication and Preparedness
When most organizations picture a data breach, they imagine shadowy hackers breaking through digital defences from afar.
Read More
Morgan McLellan
September 24, 2025
The Truth Is Hard to Swallow: Kenvue’s Battle Against Tylenol Misinformation
This week, the White House suggested a link between Tylenol and autism, a claim unsupported by scientific consensus.
Read More
View all
Let's Connect
Fill in the form or use the provided contact details to get in touch with our team.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.