Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

brandalley listed on couponmatrix.ukgap listed on couponmatrix.uksnapmad listed on couponmatrix.ukstart-fitness listed on couponmatrix.uktrespass listed on couponmatrix.ukwex-photographic listed on couponmatrix.uk
brandalley listed on couponmatrix.ukBrandAlley are a discount fashion retailer offering money off flash sales from top designers and brands. Launching new sales every day, they are a non-stop designer sale website! Every sale lasts up to 4-5 days with users being notified by email of all the latest deals, allowing you to discover something new and stylish every day. So double-down on your discount with a BrandAlley discount code to truly whittle a piece of designer clothing down to a price that's right for you.
gap listed on couponmatrix.ukGap have a fun range of fashion that gives shoppers quality clothing options whatever their style preference is. Gap’s line of clothing is suited to everyone searching for subtle style, with clothes for men, women and kids that make you stand out from the crowd at affordable prices. When Gap launched, they revolutionised the way people across America styled themselves and this revolution made its way throughout the rest of the world, with Gap’s UK stores now a staple of the high street. Shoppers are drawn to Gap for the unique simplicity of their range which includes jeans, t-shirts and shoes, and now with your Gap discount codes you get the best deals possible on their fantastic selection of products.
snapmad listed on couponmatrix.ukImmortalise your favourite photos with a little assistance from Snapmad, experts in putting your best snapshots onto frames, prints and personalised gifts. Be it a personalised star map, a photographed mug or a collection of new baby photos, put together your preferred photo gift for less with a Snapmad discount code. Even if you’re seeking suitably-sized photos for a new passport, you can snag a set of six for far less than normal at Snapmad. At Groupon, we know that saving money is important to our customers. That's why we work hard to find the best discount codes for Snapmad.com. We scour the web for the latest coupons and deals, so you can be sure you're getting the biggest discount possible. And because we update our coupons regularly, you'll always have access to the most current offers. So whether you're looking for a discount on your next purchase, or you want to save big on your next project, Groupon has you covered. A modern way to relive some classic memories, Snapmad canvas prints combine convenience with quality. Single out a particular favourite, create a collage or make it more ornate by converting to a wood canvas, then knock the cost of your finished product with a Snapmad coupon code from Groupon. Aspiring artists can even ditch the print part entirely and instead pick up a blank canvas on which to create their next inspiration.
start-fitness listed on couponmatrix.ukA brand built by fitness fans for fitness fans, Start Fitness has accumulated over three decades experience in supplying the finest sportswear and equipment. From carbo plated running shoes to sweat-wicking compression tops, a Start Fitness discount code can help secure the essentials you need to reach your potential without breaking the bank. Sporting athletic gear and clothing for men, women and children alike, there’s no age at which Start Fitness can’t improve your performance.
trespass listed on couponmatrix.ukTrespass’ philosophy and passion is about making outdoor lifestyles more accessible to everyone, no matter your age, gender, experience or background. As one of the UK’s most successful outdoor clothing retailers - specialising in waterproofs, ski wear, camping equipment and more - there are plenty of sales and Trespass discount codes to put the price down. Kit yourself and your closet out in Trespass gear to make your outdoor adventures as comfortable as possible - whether rain, snow or sun.
wex-photographic listed on couponmatrix.ukPhotography is such a special thing. It captures fleeting moments in life and preserves them for ever. These magical machines called camers that let us preserve these moments in time are just as impressive today as when they first appeared in 1816. When you use a Wex Photographic discount code you’ll find incredible savings on hundreds of cameras. With over 19000 products, Wex Photographic is the most comprehensive photography shop where you’ll find digital and film cameras, tripods, filters, lighting and everything else you’ll ever need to keep yourself snap-happy.