Temu, a rapidly expanding e-commerce platform, has refuted claims of a data breach after a hacker advertised the alleged theft of a database containing 87 million customer records on a popular hacker forum, according to a news report from BleepingComputer.
The purported breach was publicized by a threat actor known as 'smokinthashit,' who attempted to sell the allegedly stolen data breach.
The hacker released a sample of the data they claimed to possess, which included sensitive information such as usernames, IDs, IP addresses, full names, dates of birth, gender, shipping addresses, phone numbers, and hashed passwords.Â
Additionally, the threat actor asserted ongoing access to Temu's internal emails and panels, citing vulnerabilities in the company's code.Â
In response, Temu has conducted a thorough examination and cross-referenced the provided data samples against their existing database. The company stated that no matches were found, strongly denying the occurrence of a hack or data breach.Â
Temu, renowned for its competitive pricing and promotional strategies, especially in low-cost clothing, home goods, electronics, and accessories, operates globally, including in key markets like Europe and the U.S.
While Temu has faced prior scrutiny regarding data privacy, product quality, and shipping concerns, it has not been embroiled in a significant data breach incident to date.Â
The absence of concrete evidence supporting the hacker's claims, combined with Temu's assurance of data integrity, suggests that this alleged breach may lack credibility.
In recent news, the ‘ZeroSevenGroup’ user boasted on a popular cybercriminal forum about having hacked Toyota’s U.S. branch and announced sharing the stolen data for free. The Japanese multinational automotive manufacturer confirmed the security incident.