Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Japanese sex toys maker Tenga discloses data breach

Sex toy maker Tenga says a hacker accessed an employee’s email account, potentially exposing customer names, emails, and order details. TENGA Co., Ltd. is a Tokyo-based Japanese sexual wellness and lifestyle company known for its innovative adult products. It employs roughly 125–200 people worldwide across its Japan headquarters and international offices. Tenga operates in personal […]

Tenga

Sex toy maker Tenga says a hacker accessed an employee’s email account, potentially exposing customer names, emails, and order details.

TENGA Co., Ltd. is a Tokyo-based Japanese sexual wellness and lifestyle company known for its innovative adult products. It employs roughly 125–200 people worldwide across its Japan headquarters and international offices.

Tenga operates in personal care product manufacturing and sells products in dozens of countries, with annual revenue estimates in the tens of millions of dollars.

The Japanese sex toy maker disclosed a data breach after a hacker accessed an employee’s professional email account, TechCruch reports. The unauthorized access exposed the contents of the inbox, potentially including customer names, email addresses, past correspondence, order details, and customer service inquiries. The company started notifying impacted customers on Friday, February 13, 2026.

With over 162 million products shipped worldwide, exposed emails may contain intimate order details and customer service inquiries that many would prefer to keep private.

The security breach exposes impacted customers to several risks. This can lead to targeted phishing, social engineering, and scams exploiting sensitive purchase information. Even without direct financial data, the exposure raises privacy concerns, reputational harm, and the potential resale of email addresses on underground forums.

The company advises impacted customers to change passwords and monitor for suspicious emails, particularly those that appear to come from the compromised employee, to reduce the risk of phishing or social engineering attacks.

In response to the security incident, the company reset the compromised employee’s credentials and enabled multi-factor authentication across its systems to block unauthorized access. The company did not disclose technical details about the attack. It is unclear whether the attackers attempted to blackmail the Japanese firm.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)