BleepingComputer reports that Temu has repudiated the alleged data breach by threat actor "smokinthathit," who claimed to exfiltrate a database with 87 million customer records stolen from the increasingly popular Chinese global e-commerce platform.
While information in the stolen database, which has been peddled on BreachForums, was purported to include customers' full names, birthdates, gender, usernames and IDs, hashed passwords, phone numbers, shipping addresses, and IP addresses, Temu emphasized that none of the shared data samples aligned with their transaction records. "We take any attempt to tarnish our reputation or harm our users extremely seriously and reserve the right to pursue legal action against those responsible for spreading false information and attempting to profit from such malicious activities," said Temu. Despite Temu's assertions of false breach claims, the threat actor said that they had continued access to the e-commerce platform, whose code also had vulnerabilities, although evidence supporting both claims were not provided.
