Privacy Exposed: Tenga Discloses Data Breach After Hacker Hijacks Employee Email

The Japanese manufacturer of intimate wellness products, Tenga, has issued a formal notification to its clientele regarding a security breach precipitated by unauthorized access to an employee’s professional electronic mail account. Through this compromised portal, an adversary was able to scrutinize internal correspondence and potentially exfiltrate sensitive purchaser information.

The corporation disclosed the occurrence via an official communiqué on February 13. According to their findings, an unidentified interloper successfully infiltrated the staff member’s account, gaining comprehensive visibility into the entirety of the inbox’s contents. This repository may have contained customer names, email addresses, and detailed records of past interactions. Furthermore, specific messages harbored granular data concerning product orders and formal inquiries directed to the support department.

Utilizing the hijacked account, the antagonist disseminated unsolicited messages to the employee’s contacts, including patrons of the online storefront. Tenga has remained reticent regarding the exact number of individuals affected and has not responded to journalistic inquiries. However, the brand’s global reach is substantial, with over 162 million units shipped worldwide since its inception.

Given the highly discreet nature of the products, support correspondence and order specifics often contain deeply personal information that consumers typically intend to remain confidential. While the firm has not asserted a theft of account credentials, it has nevertheless recommended that users update their passwords and exercise heightened vigilance toward suspicious communications—particularly those originating from the specific staff member whose credentials were compromised.

Following the discovery of the intrusion, Tenga invalidated the afflicted employee’s credentials and implemented multi-factor authentication (MFA) across its internal systems—a security layer that necessitates more than a mere password for account access. The corporation has not specified whether such a safeguard was operational prior to the incident.

Headquartered in Tokyo and operational since 2005, Tenga specializes in a diverse array of intimate devices. At present, the geographical scope of the breach remains ambiguous, as the notifications were primarily distributed by the company’s United States-based e-commerce entity.