Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

hippowaste listed on couponmatrix.ukkally-sleep listed on couponmatrix.ukmaplin-electronics listed on couponmatrix.ukmountain-warehouse listed on couponmatrix.ukpaint-your-life listed on couponmatrix.uksuperga listed on couponmatrix.uk
hippowaste listed on couponmatrix.ukIf you’re planning a renovation, a major clear out or demolishing an old shed then you have to think about what you’re going to do with the waste. Do you have to hire a flatbed and go to the dump? Do you try to hide it all in bin bags so your binman takes it all or is there a better solution? Well, this is exactly why HIPPO exist. They offer waste collection services for all kinds of waste. Hippo provides heavy duty waste bags and skips you can fill them with whatever waste you have that they will come and dispose of. Make use of our voucher codes and save yourself money on the UK’s premier waste removal service. HIPPO is the answer for cost effective and convenient rubbish removal. If you’re clearing small amounts of garden waste or completing a major home renovation, HIPPO’s range of skips, bags, and Man & Van services mean there’s always the right option for you. Over One Million satisfied customers have found the right solution with HIPPO. Don’t just take our word for it, you can check out the reviews on Trust Pilot where they have an overall score of 9.2 out of ten from thousands of satisfied customers’ reviews.
kally-sleep listed on couponmatrix.ukLet your tumultuous nights become a thing of the past with Kally Sleep, the pillow and bedding experts who design specialist sleeping aids to address everything from pregnancy to sports recovery. With an inventory capable of tackling any sleep disruption you may have, all you’ll need is a Kally Sleep discount code to get yourself well-rested on a budget. Regardless of if you suffer back pain, anxiety or sleep awkwardly, trust Kally Sleep to provide the solution.
maplin-electronics listed on couponmatrix.ukMaplin brings together the very best tech, making it easy and affordable to kit out your home with high quality accessories, appliances and tools. Make the most of a Maplin discount code to save on everything from bluetooth headphones to voice-activated lightbulbs - with a focus on innovative solutions, Maplin is the perfect destination for the tech-savvy - it’s a one stop shop for affordable picks to streamline your life and home.
mountain-warehouse listed on couponmatrix.ukFor those of us that like to get out and about and sample the best that nature has to offer and to do that comfortably and safely you will need to invest in good, quality outdoor wear. To get everything you need at a fantastic price, pick up a Mountain Warehouse discount code and start saving. Whether you are a hill walker or a festival goer, having the correct clothing and accessories can make a huge difference.
paint-your-life listed on couponmatrix.ukTurn the high points of your life into canvased masterpieces with Paint Your Life, the team that make it their mission to turn best photos into paintings. From there you simply let the artists do their work whilst also keeping the cost of commission low with a Paint Your Life coupon. With free delivery and limitless revisions assured, the process only ends when you’re 100% satisfied with your latest creation from Paint Your Life.
superga listed on couponmatrix.ukLevel up your trainer game and get heads turning with some new kicks from SuperGa, the designer shoe brand that originated over 100 years ago in Italy and now has customers all over the world. With a SuperGa voucher code you’ll be making great savings across all the ranges of espadrilles, plimsolls and sliders at SuperGa so get online today and start shopping for your next footwear fix.