Sex toys maker Tenga says hacker stole customer information
Summary
Tenga's data breach exposed about 600 U.S. customers' names, emails, and order details after an employee's email was hacked. The company has notified affected individuals.
Tenga data breach exposes customer information
Sex toy manufacturer Tenga has notified customers of a data breach. The company confirmed the incident to TechCrunch on Friday.
In an email to customers, Tenga stated that an unauthorized party gained access to a single employee's professional email account. This access potentially allowed the hacker to view and steal customer names, email addresses, and historical email correspondence.
What data was compromised
The compromised inbox contained emails that "may include order details or customer service inquiries." Given the nature of Tenga's products, this correspondence likely includes intimate information customers would not want disclosed.
The hacker also used the breached account to send spam emails to the employee's contacts, which included customers. Tenga has stated the breach affected approximately 600 people in the United States.
A company spokesperson said, “We have already proactively contacted those who may have been impacted to ensure their safety and provide guidance.” It is unclear if customers outside the U.S. were affected.
Company response and security lapses
Following the breach, Tenga says it took several security measures. These included resetting the compromised employee’s credentials and enabling multi-factor authentication (MFA) across its systems.
However, the company spokesperson would not confirm whether MFA was enabled on the email account prior to the breach. Enabling MFA is a basic security practice that prevents access to accounts even if a password is stolen.
The company also recommended customers take their own precautions:
- Change your passwords, even though Tenga did not state that customer passwords were compromised.
- Be vigilant of suspicious emails, particularly those appearing to come from the specific employee whose account was breached.
A recurring problem for adult industry companies
Tenga is the latest in a series of adult-oriented companies to suffer a data breach. This trend highlights ongoing security challenges within the sector.
Other notable breaches in recent years include:
- Sex toy maker Lovense, which was hacked last year.
- Adult website Pornhub, which experienced a breach last year.
- Site SexPanther, which was hacked in 2020.
Tenga, founded in 2005 and headquartered in Tokyo, sells a variety of sex toys and says it has shipped over 162 million products worldwide. The company's U.S. division, Tenga Store USA, was the entity that communicated the breach.
Related Articles
A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon
A $10,000 bounty is offered to hack Ring cameras to stop sending data to Amazon, following backlash over a Super Bowl ad that highlighted the surveillance potential of its network.
HackerOS is what a Linux enthusiast’s OS should be
HackerOS is a versatile Debian-based Linux distribution with multiple editions for different users. It includes unique features like a helpful ZSH terminal and fun "hacker" commands, making it appealing for both regular users and enthusiasts.
Stay in the loop
Get the best AI-curated news delivered to your inbox. No spam, unsubscribe anytime.