Close Menu
TechurzTechurz
    What's Hot

    Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

    July 7, 2026

    Station F ramps up as a launchpad for Europe’s hottest AI startups

    July 6, 2026

    Smart glasses maker Even Realities hits $1B valuation with $150M funding led by Meituan, Tencent

    July 6, 2026
    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    Tech Pulse
    • Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom
    • Station F ramps up as a launchpad for Europe’s hottest AI startups
    • Smart glasses maker Even Realities hits $1B valuation with $150M funding led by Meituan, Tencent
    • Uber’s European expansion plans may have hit a speed bump
    • IQM, Europe’s first public quantum company, admits the future of the tech is uncertain
    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    TechurzTechurz
    • Home
    • Tech Pulse
    • Future Tech
    • AI Systems
    • Cyber Reality
    • Disruption Lab
    • Signals
    TechurzTechurz
    Home - News - Lovense adult toy app leaks private user email addresses – what we know, and how to stay safe if you’re affected
    News

    Lovense adult toy app leaks private user email addresses – what we know, and how to stay safe if you’re affected

    TechurzBy TechurzJuly 29, 2025No Comments3 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    shocked woman at laptop
    Share
    Facebook Twitter LinkedIn Pinterest Email


    • Researchers found a way to extract email addresses from Lovense user accounts
    • A mitigation was released, but allegedly it’s not working as intended
    • The company claims it still needs months before plugging the leak

    Lovense, a sex tech company specializing in smart, remotely controlled adult toys, had a vulnerability in its systems which could allow threat actors to view people’s private email addresses.

    All they needed was that person’s username and apparently – these things are relatively easy to come by.

    Recently, security researchers under the alias BobDaHacker, Eva, Rebane, discovered that if they knew someone’s username (maybe they saw it on a forum or during a cam show), they could log into their own Lovense account (which doesn’t need to be anything special, a regular user account will suffice), and use a script to turn the username into a fake email (this step uses encryption and parts of Lovense’s system meant for internal use).


    You may like

    That fake email gets added as a “friend” in the chat system, but when the system updates the contact list, it accidentally reveals the real email address behind the username in the background code.

    Table of contents
    1 Automating exfiltration
    2 How to stay safe
    2.1 You might also like

    Automating exfiltration

    The entire process can be automated and done in less than a second, which means threat actors could have abused it to grab thousands, if not hundreds of thousands of email addresses, quickly and efficiently.

    The company has roughly 20 million customers worldwide, so the attack surface is rather large.

    The bug was discovered together with another, even more dangerous flaw, which allowed for account takeover. While that one was quickly remedied by the company, this one has not yet been fixed. Apparently, the company still needs “months” of work to plug the leak:

    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

    “We’ve launched a long-term remediation plan that will take approximately ten months, with at least four more months required to fully implement a complete solution,” Lovense told the researcher.

    “We also evaluated a faster, one-month fix. However, it would require forcing all users to upgrade immediately, which would disrupt support for legacy versions. We’ve decided against this approach in favor of a more stable and user-friendly solution.”

    Lovense also said that it deployed a proxy feature as a mitigation but apparently, it’s not working as intended.

    How to stay safe

    The attack is particularly concerning as such records could contain more than enough of sensitive information for hackers to launch highly personalized, successful phishing campaigns, leading to identity theft, wire fraud, and even ransomware attacks.

    If you’re concerned you may have been caught up in the incident, don’t worry – there are a number of methods to find out. HaveIBeenPwned? is probably the best resource only to check if your details have been affected, offering a run-down of every big cyber incident of the past few years.

    And if you save passwords to a Google account, you can use Google’s Password Checkup tool to see if any have been compromised, or sign up for one of the best password manager options we’ve rounded up to make sure your logins are protected.

    Via BleepingComputer

    You might also like

    addresses Adult affected app Email Leaks Lovense Private Safe Stay toy User youre
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleRazer BlackShark V3 Pro ANC review: The best gaming headset gets better, thanks to active noise cancellation
    Next Article 15 Sneaky Places You’ve Probably Forgotten to Clean
    Techurz
    • Website

    Related Posts

    Opinion

    Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

    July 7, 2026
    Opinion

    Pixi’s new iOS app turns text messages into interactive AR experiences

    June 18, 2026
    Opinion

    Malaysia’s AI agent-powered messaging app Respond.io raises $62.5M, eyes acquisitions

    June 16, 2026
    Add A Comment
    Latest Tech Pulse

    College social app Fizz expands into grocery delivery

    September 3, 20252,290

    12 Father’s Day E-Card Sites That Are Actually Good

    June 4, 202523

    SolarSquare in talks to raise up to $60M as India’s rooftop solar market draws major VC interest

    May 23, 202622
    Stay In Touch
    • YouTube
    • WhatsApp
    • Twitter
    • Pinterest
    • LinkedIn

    Techurz helps readers stay ahead of digital change with clear, practical, future focused technology intelligence written today,searched tomorrow.

    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    Company
    • About Us
    • Contact Us
    • Our Authors / Editorial Team
    • Write For Us
    • Advertise
    Policy
    • Editorial Policy
    • Privacy Policy
    • Terms and Conditions
    • Affiliate Disclosure
    • Cookie Policy
    • Disclaimer
    • DMCA
    Explore
    • AI Systems
    • Cyber Reality
    • Future Tech
    • Disruption Lab
    • Signals
    • Tech Pulse
    • Sitemap

    Join the Techurz Brief

    The future does not arrive suddenly.
    Stay ahead with fast, sharp tech signals.

    Type above and press Enter to search. Press Esc to cancel.