Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

millets listed on couponmatrix.ukmy-memory listed on couponmatrix.uksugarhill-brighton listed on couponmatrix.ukvision-express listed on couponmatrix.ukvrients listed on couponmatrix.ukwarner-bros-studio-tour listed on couponmatrix.uk
millets listed on couponmatrix.ukFor over a century, Millets has been synonymous with outdoor wear, starting life in 1893 when J.M Millet opened stores in Southampton and Bristol. Today Millets has 97 stores nationwide and is still regarded as one of the best destinations on the high street for camping and outdoor adventure gear. Pick up a Millets discount code and save a pretty penny on everything you need for your next expedition!
my-memory listed on couponmatrix.ukWith even the smallest of Smartphones now capable of playing full resolution movies with premium-level sound, we’re more reliant then ever on our portable memory devices - and the pace of technological change means it’s important to keep updating if you want to get the most from your spare time. A MyMemory discount code can help keep your storage devices fully up to date, letting you buy Flash drives and SD cards at knockdown prices with all the technical support you could wish for.
sugarhill-brighton listed on couponmatrix.ukSugarhill Brighton is a vibrant, creative fashion brand that’s all about having fun with clothes: if you love bold colours and prints, this one’s for you! Sugarhill Brighton’s designs are inspired by art, travel and vintage finds, and they can be yours for less with a Sugarhill Brighton discount code from Groupon. This fun clothing brand offers a 10% voucher code for new customers, 20% off for NHS staff and free delivery when you spend £40, so it’s easy to save on beautiful clothing you love. We’re always updating our list of Sugarhill Brighton offers, so check back here to find promo codes and our best picks from the sale. You’ll want to make a beeline for the Sugarhill Brighton clearance for huge discounts on stunning dresses and cosy loungewear – spend £40 to qualify for free delivery on top! Featuring sustainable fabrics and organic cotton, expressing your unique style is more guilt-free than ever. A Sugarhill Brighton dress is guaranteed to put a smile on your face. From floaty, lightweight smock dresses to shirt dresses with pockets, these dresses come in a range of colours and prints and can be dressed up or down for any occasion. This versatile wardrobe addition can be yours for less with a Sugarhill Brighton voucher code from Groupon, so check here to save money and feel like the best-dressed person in the room.
vision-express listed on couponmatrix.ukVision Express is your go-to for glasses, lenses and all things eyecare. Whether you’re looking for your first pair of glasses or want to try out a new brand of contacts, make the most of an awesome Vision Express offer to save on the essentials! As well as stylish frames and high quality contacts, Vision Express offers eye tests and online appointments for all of your eye care needs, too. With fast delivery and an easy to use online system, it's your one stop shop for eye health!
vrients listed on couponmatrix.ukWelcome to vrients, the one stop shop for all your fashion needs. They believe that fashion should be fun, affordable and accessible to everyone. And to make shopping even more convenient, we’ll have a vrients coupon code to give you knock their low prices down even further. So whether you're looking for a new outfit for a night out or just some everyday basics, vrients is the perfect place to shop. At Groupon, we understand that saving money is important to our customers. That's why we work hard to find the deals and discounts codes, so you can afford the fashion you love. We partner with vrients to bring you phenomenal threads at affordable prices. So whether you're looking for a new dress or a new pair of shoes, be sure to check out Groupon first for the best vrients deals. Looking for a new pair of jeans? Check out vrients' selection of men's and women's jeans. With a variety of styles and sizes available, you're sure to find the perfect fit. And with a vrients discount code handy, you could bulk out your jean drawer on even a shoestring budget. So why wait? Find your perfect pair of jeans and get ready to strut your stuff with vrients.
warner-bros-studio-tour listed on couponmatrix.ukIf you’re a die-hard fan of the Harry Potter universe, you won’t want to miss the official Warner Brothers Studio Tour. Packed with real props and costumes from every film, you can explore iconic life-sized sets including Diagon Alley, the Great Hall and Platform 9¾. Experience the magic for less with Warner Bros Studio Tour discounts (formerly, Harry Potter World discounts) from us and tick off a must-see attraction off your bucket list. The perfect day out for fans both young and old, get ready to be spellbound by the wonderful world of Harry Potter.