Intercourse toys maker Tenga says hacker stole buyer data

Intercourse toy maker Tenga notified prospects of a data breach on Friday, in keeping with an e mail obtained by information.killnetswitch.

Within the message, the Japanese firm mentioned that “an unauthorized social gathering gained entry to the skilled e mail account of certainly one of our workers,” which gave the hacker entry to the contents of the worker’s inbox. This entry doubtlessly allowed the hacker to see and steal buyer names, e mail addresses, and historic e mail correspondence, “which can embody order particulars or customer support inquiries.”

The hacker additionally despatched spam emails to the hacked worker’s contacts, together with prospects, in keeping with the e-mail despatched to prospects.

After this story was printed, a Tenga spokesperson informed information.killnetswitch that the breach affected “roughly 600 individuals” in america, primarily based on a forensic assessment. “We have now already proactively contacted those that could have been impacted to make sure their security and supply steerage,” mentioned the spokesperson.

Tenga says on its web site that it has shipped over 162 million merchandise worldwide.

Order particulars and customer support inquiries are more likely to embody intimate data that many purchasers most likely wouldn’t wish to disclose, given the character of the merchandise in query.

The corporate really helpful prospects change their passwords, despite the fact that it didn’t say that prospects’ passwords have been compromised, and to be vigilant of suspicious emails, particularly coming from a particular worker, who seems to be the one whose account was breached. 

Tenga mentioned it took a number of measures after the breach, together with resetting the hacked worker’s credentials and enabling “throughout our techniques,” a primary security function known as multi-factor authentication, which prevents entry to accounts with stolen passwords. 

The corporate spokesperson wouldn’t say if there was any multi-factor on the e-mail account previous to the breach. 

Tenga was based in 2005 in Japan, and is headquartered in Tokyo. Tenga sells a wide range of intercourse toys, principally for males. It’s unclear if the breach affected prospects exterior of america, on condition that the e-mail got here explicitly from Tenga Retailer USA.

Tenga is the most recent in a protracted record of intercourse toy makers, resembling Lovense final yr, and grownup web sites, resembling Pornhub final yr and SexPanther in 2020, which have been hacked.

First printed on February 13. Up to date with remark from Tenga spokesperson.