Temu Data Leak Claim: 310M Records for Sale
Major data leaks rarely begin with hard proof. The Temu case follows that same pattern. A loud claim on a shadow forum can point to a real breach. Or it can point to an attempt to sell a shaky dataset. So far, this story sits somewhere between those two outcomes.
A New Listing Tied to Temu
A seller on a cybercrime forum recently posted a database linked to Temu. Temu is a Chinese marketplace known for low-cost goods shipped directly from sellers. According to the listing, the dataset holds roughly 310 million user records. The claim alone, however, doesn’t confirm anything.
What Cybernews Actually Verified
Cybernews reviewed the case and checked 99 published samples. Those samples looked fresh, and most carried timestamps from 2026. As a result, the dataset doesn’t look like an old leak dressed up as something new. Still, researchers couldn’t confirm the full scale that the seller claimed.
What the Sample Data Contains
The samples reportedly include names, email addresses, and phone numbers. They also contain user IDs, bcrypt password hashes, and device details for both Android and iOS. Beyond that, the data holds app version numbers and IP addresses used for registration and login. It also includes language settings, location data, account creation dates, and internal system flags.
A Possible Source, Not a Confirmed Breach
Cybernews researchers think the source might sit inside an internal account system. Or it might come from a third-party service that handles Temu’s user profiles. That idea comes from the sample structure itself, not from any confirmed hack. Technical fields, device data, and account credentials all appear together in the samples. That mix points to a backend system, not a simple frontend scrape.
The Real Risk: Credential Reuse and Phishing
The biggest danger isn’t exposed passwords. The samples show bcrypt hashes instead of plain text. Still, attackers can crack weak passwords through brute-force attacks. Once they crack a password, attackers often try the same login on other sites. Contact details, device data, language, and location data also fit targeted phishing scams. A fake message built from this data can look like a normal marketplace alert.
Temu Pushes Back
Temu has denied any link between this dataset and its own systems. The company said it looked into the breach claims and found them false. Temu also pointed to several safeguards. The company holds MASA certification and runs a bug bounty program through HackerOne. It supports two-factor login and belongs to the Anti-Phishing Working Group. Temu also follows PCI DSS rules for payment security.
Reasons for Skepticism
The listing’s price adds another reason for doubt. The seller priced this supposedly massive database at just $700. That figure looks oddly low for a leak of this claimed size. A similar case played out in 2024. Back then, another seller claimed to have stolen 87 million rows of Temu user data. Temu denied that claim too, and no independent source ever confirmed it.
Independent researchers haven’t checked the data yet. For now, this story remains an unconfirmed sale of samples that may or may not hold real user data.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.