Japanese sex toy brand Tenga just had a phishing attack
Japanese sex toy brand Tenga just had a phishing attack that exposed the names and email addresses of about 600 US customers; inbox contents may have included order details or customer-service inquiries.
The company said no sensitive personal data, such as Social Security numbers, billing/credit card information, or TENGA/iroha Store passwords, were jeopardized, though it still advised customers to change passwords as a precaution.
The company spotted the breach on Friday, February 13, 2026.
Phishing attack specifics
A hacker got into an employee's email and sent out spam with attachments to both staff and customers, all within an hour in the middle of the night.
Since inbox contents may have included order info, there's a risk of targeted scams or awkward situations for those affected.
What is Tenga doing to fix things?
Tenga quickly reset passwords for the hacked account, rolled out multi-factor authentication everywhere, and told affected users to update their own passwords and watch for sketchy emails.
Breaches in the adult industry
Tenga isn't alone—other big adult product brands like Lovense and adult websites like Pornhub have also faced breaches lately.
It's a reminder that even niche companies need solid digital security, especially when privacy really matters.