Ten rejects claims of widespread data breach

BleepingComputer reports that Temu has dismissed claims of a data breach committed by a cybercriminal called “smokinthathit,” claiming that it stole a database of 87 million customer records stolen from an increasingly popular Chinese e-commerce platform.

While the information in the stolen database, which was sold on BreachForums, allegedly included customers’ full names, dates of birth, genders, usernames and IDs, hashed passwords, phone numbers, shipping addresses, and IP addresses, Temu emphasized that none of the shared data samples matched their transaction records. “We take any attempts to tarnish our reputation or harm our users very seriously and reserve the right to take legal action against those responsible for spreading false information and attempting to profit from such malicious activities,” Temu said. Despite Temu’s claims of a false breach, the threat actor said he still had access to the e-commerce platform, whose code also had vulnerabilities, although no evidence was provided to support either claim.