Sex toy maker Tenga says a hacker stole customer information

Sex toy maker Tenga notified customers of a data breach on Friday, according to an email obtained by TechCrunch.

The Japanese company said in the message that “an unauthorized party gained access to the professional email account of one of our employees,” giving the hacker access to the contents of the employee’s inbox. This access potentially allowed the hacker to see and steal customer names, email addresses and historical email correspondence, “which may include order details or customer service inquiries.”

The hacker also sent unsolicited emails to the hacked employee’s contacts, including customers, according to the email sent to the customers.

After this story was published, a Tenga spokesperson told TechCrunch that the hack affected “nearly 600 people” in the US, based on a forensic review. “We have already proactively contacted people who may have been affected to ensure their safety and provide guidance,” the spokesperson said.

Tenga says on its website that it has shipped more than 162 million products worldwide.

Order details and customer service inquiries are likely to include intimate information that many customers may not wish to disclose, given the nature of the products in question.

The company recommended that customers change their passwords, although it did not mention that customers’ passwords had been compromised, and to be vigilant of suspicious emails, especially coming from a particular employee, who appears to be the one whose account was hacked.

Tenga said it took several actions after the hack, including resetting the compromised employee’s credentials and enabling “across our systems,” a key security feature called Multi-factor authenticationwhich prevents access to accounts with stolen passwords.

The company spokesperson did not say whether there were any multiple factors in the email account before the hack.

Tenga was founded in 2005 in Japan and is headquartered in Tokyo. Tenga sells a variety of sex toys, mostly for men. It’s unclear whether the hack affected customers outside the US, since the email explicitly came from Tenga Store USA.

Tenga is the latest in a long list of sex toy makers, Like Lovense last yearAnd adult websites, e.g Pornhub Last year and SexPanther In 2020, which was hacked.

It was first published on February 13. Updated with comment from a Tenga spokesperson.