Things look bleak in the tech sphere as we close out a year marked by plummeting stocks, continued mass layoffs and a fall from grace for major social media companies. Yet Stanford dropout Teddy Solomon’s story about Fizz co-founder is so reminiscent of Facebook that he was introduced to its investor and now CEO Rakesh Mathur as “the next Mark Zuckerberg.” So, is it a good time to build a buzzy new social app, or is it a complete mess?
If anything, venture capitalists seem eager to fund the future of social media. Fizz closed a $4.5 million seed round in June, and the social media app for college students has already raised $12 million Series A. This rapid growth from seed to Series A is almost unheard of in a bear market, but Fizz seems to have the ethos of moving fast and (hopefully not) breaking things.
Fizz is only available to students and users can only access the Fizz community for their own college. On the app, students can post text messages, polls, and photos without a username or identifying information. Like Reddit, classmates can upvote or downvote what they see in their feed. Users can DM each other and choose to reveal their identities if they wish.
When australiabusinessblog.com covered the Fizz seed round in October, the app had launched on 13 campuses (each campus has its own individual community). In less than two months, that number has doubled to 25 campuses. Using the Series A, led by NEA with participation from Lightspeed, Rocketship, Owl Ventures, Smash Ventures and New Horizon, Fizz’s goal is to reach 1,000 campuses by the end of 2023.
“What we’ve found is that Fizz is making an impact across campus cultures, from highly academic Ivy League schools to party schools and now HBCUs,” co-founder and COO Teddy Solomon told australiabusinessblog.com. “Fizz is all about providing students with a safer, private and engaging space to connect with each other about their shared experience of living on the same college campus, whatever that experience and culture may be.”
Fizz says it has reached a 95% penetration rate among iPhone users (it doesn’t have an Android app yet) on campuses like Stanford, Dartmouth, Pepperdine, and Bethune-Cookman. offering free donuts in exchange for downloads, which is standard with college-founded apps. Regardless, Fizz claims that more than half of its users engage with the app every day, an impressive statistic in itself.
However, Fizz’s ascension has not been without conflict.
As reported the Stanford Daily earlier this month, Fizz had a serious vulnerability in November 2021. Three Stanford students found that anyone could easily search the app’s Google Firestone-hosted database to identify the author of a post on the platform, where all posts are billed as anonymous. They also found users’ personal information, such as phone numbers and email addresses. In addition, the database was editable, making it possible to edit posts and give any user moderator status.
“Once we became aware of the vulnerability, we worked with a security consultant who helped us resolve that particular issue within 24 hours, ending the risk for our users. We then notified all of our users about the fix and posted the changes on our website,” Ashton Cofer, co-founder and CTO of Fizz, told australiabusinessblog.com. Fizz told users about the issues via a blog post.
It’s the industry standard that when researchers find such egregious vulnerabilities in good faith, they report their findings to the company so they can be patched before adversaries can take advantage of them. But these well-meaning students told the Stanford Daily that “Fizz’s lawyer threatened us with criminal, civil and disciplinary charges unless we agreed to keep quiet about the vulnerabilities.” The student newspaper received a copy of the letter (note: Fizz was called Buzz at the time).
Lawyers from the Electronic Frontiers Foundation (EFF) represented the three Stanford students in response to Fizz’s legal threat.
“Your legal threats against the students jeopardize security research, discourage reporting of vulnerabilities and will ultimately lead to less security,” said the EFF attorneys. replied to Fizz.
australiabusinessblog.com asked Fizz why the team chose to take legal action at the time. Cofer said he and Solomon followed the recommendations of a cybersecurity consultant.
“Following the letter, we have sat down with the hackers and resolved the matter amicably, and no further legal action has been taken,” he said. “Being a small team at the time, we chose to follow the advice of our consultants and legal advisers and we are pleased to have concluded the discussion with the investigators on good terms.”
Cofer added that the vulnerability also stemmed from the fact that the team was so small at the time – it was just Cofer and Solomon, who were full-time students at the time. According to Cofer, Fizz now has a team of 25 employees, including engineers with decades of experience.
“Our security practices have evolved significantly and we remain committed to the safety and privacy of our users as Fizz grows. Following this incident, we have made sure that our users’ Personally Identifiable Information (PII) is stored in a separate, secure database, which can only be accessed by Fizz administrators. This means that no Fizz users, moderators or launch teams can see another user’s PII at any time,” said Cofer. Fizz outlines his security practices in more detail on his website.