Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

avis-rent-a-car listed on couponmatrix.ukaviva-home-insurance listed on couponmatrix.ukcharacter-online listed on couponmatrix.ukebc-brakes-direct listed on couponmatrix.ukgreen-people listed on couponmatrix.ukwizz-air listed on couponmatrix.uk
avis-rent-a-car listed on couponmatrix.ukEnjoy more of any holiday or trip with an Avis rental car. You can have the freedom to travel wherever and whenever you feel like it, without waiting about on public transport or worry about being overcharged for a taxi. Enjoy the convenience of a rental for less with an Avis discount code from us. You don’t even have to be going away to enjoy these deals - maybe your car is in the garage or you just fancy a change of style?
aviva-home-insurance listed on couponmatrix.ukIt doesn’t matter if you’re a home owner, a renter or a student living off campus, keeping your belongings and buildings covered is never a bad idea. With Aviva Home Insurance you can put all elements of your property under protection – from theft and accident to emergency repairs. Use an Aviva Home Insurance discount code to cut the cost of your quote or add additional protection to your policy without hiking the price.
character-online listed on couponmatrix.ukWelcome to Character Online, the best place to find all your favourite toys and games in one place! Sporting a huge range of merchandise that spans franchises from Disney to Doctor Who, your little one is sure to find a fun new toy that can be bought for less with the latest Character Online voucher code. So whatever toy next enters the birthday or Christmas list, have a gander at Character Online for options galore. We work hard to find the best Character Online coupons for our users. We know that Character Online could be a staple for any kid seeking excitement, so we always make sure to have the latest and greatest Character Online deals available on our site. Whether you're looking for a discount on your next purchase, or you want to save on shipping costs, we've got you covered. So be sure to check back often and take advantage of our great deals! Character Online sports a great collection of games for kids of all ages. Whether they’re a Pokémon master or like to drawer, you’re sure to secure a game to suit your tykes for less with the latest Character Online discount code. From laser projected shooting to games to board-based espionage with spies, who knows what new addition will make your kid’s day at Character Online.
ebc-brakes-direct listed on couponmatrix.ukEBC Brakes Direct is a leading retailer of quality brakes and pads. With an extensive knowledge of the braking industry, you know you’re bagging a bargain on tried and tested equipment with the latest EBC Brakes Direct promotional code. With a variety of products including pads, lines and kits at your disposal, you can find everything you need for your vehicle's brakes at EBC Brakes Direct. Groupon is committed to finding the best EBC Brakes Direct deals for our customers. Whether you're looking for a new set of brake pads or a complete brake kit, we can help you find the best deal. Check back often for newest EBC Brakes Direct deals and get even better value on the brakes you need. There are brakes for both cars and motorbikes available online, so you can get the stopping power you need regardless of if you ride on four wheels or two. EBC Brakes Direct offers a wide range of products for all types of vehicles. Check out the Balanced Big Brake Kit for a comprehensive collection of braking essentials. For track days and race use, this brake kit offers high performance at an affordable price - especially when bought with the latest EBC Brakes Direct discount code! With each kit including a disk, calipers, rotors and pads, it sports all you need to boost your braking power.
green-people listed on couponmatrix.ukWelcome to Green People, where you can enjoy organic and ethical beauty products, to keep you looking your beautiful best inside and out. The product range covers skin and body care, hair, makeup and sun products and is always sourced with the greatest attention to ethical practice. Remember, with Green People discount codes you can enjoy looking your best for less. If you believe that beauty should come from a beautiful place, then the ethical range at Green People is for you.
wizz-air listed on couponmatrix.ukFancy a trip to Vienna? Tuzla or Budapest? Wizz Air offer European travel at an affordable price. Since its conception in 2003, Wizz Air has grown into Central and Eastern Europe’s largest low-cost airline. Offering quality at a fair price has proven successful, and the airline now boast over 600 routes. With a fleet of new best-in-class aircraft, the only thing Wizz Air value more than affordable travel is customer service and experience. With the Wizz Air promo code you can enjoy amazing destinations for less. The world is at your fingertips with Wizz Air.