Sex toy firm hit by data breach - Tenga says hacker infiltrated systems, stole customer data

News
By published

A Tenga employee reportedly fell for a phishing email

Close up of a person touching an email icon.
Image Credit: Pixabay (Image credit: Geralt / Pixabay)
  • Tenga cyberattack via phishing exposed customer names, emails, and order/service details
  • Attacker accessed inbox, exfiltrated data, and sent spam to employees and customers
  • Company reset credentials, enabled MFA, and urged customers to refresh passwords and stay vigilant

Japanese sex toys manufacturer Tenga has reportedly suffered a cyberattack and lost some of its customers’ data.

TechCrunch claims to have seen a data breach notification letter Tenga allegedly sent to its employees, stating how someone targeted a Tenga employee with phishing and managed to obtain access to their inbox.

From there, they were able to exfiltrate customer names, email addresses, and historical email correspondence “which may include order details or customer service inquiries.”

Deploying MFA

While the information on the nature of the data is vague, stealing order details and customer service inquiries could be enough for sophisticated, tailored phishing attacks, leading up to account compromise, identity theft, wire fraud, and more.

The attacker also used inbox access to send some contacts - employees and customers alike - spam messages.

We don’t know how many people are affected, or if someone already claimed responsibility for this attack. Nevertheless, Tenga urged all customers to, out of an abundance of caution, refresh passwords on most accounts, and be wary of incoming email messages, especially those claiming to be coming from Tenga.

In response to the attack, the company reset the credentials for the compromised user’s accounts and enabled multi-factor authentication (MFA) across its systems. It was left unclear if MFA was deployed before the attack in any capacity, and the company did not answer questions why MFA was not universally present beforehand.

Tenga is a Tokyo-based manufacturer of sexual wellness products founded in 2005. The privately held company employs roughly 50 - 200 people across its global operations and serves markets in Asia, Europe, the US and beyond, with products available in many thousands of retail outlets and online channels.

The company has shipped well over a hundred million units globally and reported annual sales approaching roughly ¥10 billion ($66 - 67 million) in recent years, with nearly half of its revenue from overseas markets. Its portfolio also includes brands focused on women and sexual health education.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.