Intercourse toys maker Tenga says hacker stole buyer data

Intercourse toy maker Tenga notified clients of a knowledge breach on Friday, in response to an electronic mail obtained by TechCrunch.

Within the message, the Japanese firm stated that “an unauthorized celebration gained entry to the skilled electronic mail account of considered one of our staff,” which gave the hacker entry to the contents of the worker’s inbox. This entry probably allowed the hacker to see and steal buyer names, electronic mail addresses, and historic electronic mail correspondence, “which can embrace order particulars or customer support inquiries.”

The hacker additionally despatched spam emails to the hacked worker’s contacts, together with clients, in response to the e-mail despatched to clients.

Tenga didn’t reply to a request for remark and to offer extra data, equivalent to the overall variety of clients affected. The corporate says on its web site that it has shipped over 162 million merchandise worldwide.

Order particulars and customer support inquiries are more likely to embrace intimate data that many purchasers in all probability wouldn’t need to disclose, given the character of the merchandise in query.

The corporate beneficial clients change their passwords, despite the fact that it didn’t say that clients’ passwords have been compromised, and to be vigilant of suspicious emails, particularly coming from a selected worker, who seems to be the one whose account was breached. 

Tenga stated it took a number of measures after the breach, together with resetting the hacked worker’s credentials and enabling “throughout our techniques,” a fundamental safety function known as multi-factor authentication, which prevents entry to accounts with stolen passwords. The corporate didn’t reply when it was requested if there was no multi-factor on the e-mail account previous to this breach. 

Tenga was based in 2005 in Japan, and is headquartered in Tokyo. Tenga sells quite a lot of intercourse toys, principally for males. It’s unclear if the breach affected clients outdoors of america, on condition that the e-mail got here explicitly from Tenga Retailer USA.

Tenga is the newest in an extended record of intercourse toy makers, equivalent to Lovense final 12 months, and grownup web sites, equivalent to Pornhub final 12 months and SexPanther in 2020, which have been hacked.