TENGA Co., Ltd., a Tokyo-based sex toy and wellness company, disclosed a data breach after a hacker accessed an employee’s professional email account. The incident potentially exposed customer names, email addresses, past correspondence, order details, and customer service inquiries. The company began notifying impacted customers on 13 February 2026. It has indicated that over 162 million products have been shipped worldwide, suggesting the scale of potential exposure for the company’s customer base.
The organisation reset the compromised credentials and enabled multi-factor authentication across its systems to block further unauthorised access, while it did not disclose technical details about the attack. The report notes that the breach could enable phishing and social engineering and raises privacy and reputational concerns, with the firm stating that affected customers should monitor for suspicious emails. According to TechCruch, the breach involved access to the contents of the inbox, potentially exposing sensitive order information.