Japanese sex toy company Tenga reported a data breach where hackers accessed customer information through an employee’s email account affecting about 600 U.S. customers
Tenga told customers about a data breach on Friday.
The Japanese company said an unauthorized person gained access to one employee’s professional email account. The hacker got names and email addresses from customers. The hacker could also see past emails between customers and the company. These emails might have included order details and customer service questions.
The company noticed the hacker also sent spam emails to the hacked employee’s contacts. After this story was published, a Tenga spokesperson told TechCrunch that the breach affected about 600 people in the United States. Tenga says on its website that it has shipped over 162 million products worldwide. Order details and customer service questions likely included private information customers would not want shared. The company recommended customers change their passwords even though it did not say passwords were taken.
Tenga said it took several actions after the breach. These included resetting the hacked employee’s login information and adding multi-factor authentication to company systems. This security feature makes it harder for others to access accounts with stolen passwords. Tenga was founded in 2005 in Japan and is headquartered in Tokyo. Tenga sells different sex toys mostly for men. It is not clear if the breach affected customers outside the United States because the email came from Tenga Store USA. Tenga is the latest sex toy company whose customer information was hacked, after companies like Lovense last year and adult websites like Pornhub in the same year and SexPanther in 2020.