Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

electrical-world listed on couponmatrix.ukfootasylum listed on couponmatrix.ukliverpool-football-club listed on couponmatrix.ukmuseum-selection listed on couponmatrix.ukstone-refurb listed on couponmatrix.ukwicksteed-park listed on couponmatrix.uk
electrical-world listed on couponmatrix.ukElectrical World is the ideal place to buy all your electrical goods and appliances – from big-ticket items like fridges to the humble light switch. Whether you’re after a new TV, washing machine or something else entirely, make sure you grab an Electrical World discount code from Groupon before you buy. With free delivery, regular promo codes and up to 50% off or more in the sale, it’s even easier to get the gadgets and gizmos you need for less! Electrical goods can become a costly burden for the average household, which is why we’re constantly refreshing our page with new ways to get money off your Electrical World purchase. The next time you need to do some repairs, start a DIY project or invest in new household appliances, check Groupon for the latest money-saving tips. Customers should also explore the Electrical World sale for whopping discounts on tools, electricals and accessories. From lighting and wiring to tools and fixings, Electrical World is a DIY-lovers dream. Stocked with everything you need, with many items included in the sale section too, it’s the best place to find affordable supplies – especially if you have an Electrical World voucher code from Groupon! We update our page regularly to reflect the latest Electrical World promo codes, so make a quick stop here to nab the best price.
footasylum listed on couponmatrix.ukAdd some streetwear to your wardrobe with Footasylum, the foot and clothing brand that defies traditional trends in place of daring urban styles. From cropped training tops to decade-defining footwear including UGG boots and Adidas Original trainers, we at Groupon have ways to save on a myriad of fashion staples thanks to our latest Footasylum discount codes. Sporting styles for men, women and children under its banner, there’s room for every family member to find their fashion sense at Footasylum.
liverpool-football-club listed on couponmatrix.ukCome on you reds! When you want to show your support for your favourite football team but don’t want to spend a fortune, grab a Liverpool FC discount code and get your hands on all the best Liverpool merch at prices you’re going to love nearly as much as the team. From souvenirs to shirts and from kits to keyrings, you’ll find an amazing range of products on offer from Liverpool FC.
museum-selection listed on couponmatrix.ukWhen you shop at Museum Selection it’s never been easier to upgrade everything in your life at the same time - from your wardrobe to your outside seating area, you can give your whole home a makeover in a jiffy! With a Museum Selection discount code from us you’ll be amazed at the reduction you’ll get on your order subtotal, making purchasing that conservatory a walk in the park for your bank account.
stone-refurb listed on couponmatrix.ukGet the latest tech secondhand from Stone Refurb, like Windows laptops, MacBooks, iPads, monitors and Apple iPhones. Whether you need a laptop for work, a desktop PC for gaming or a new phone, Stone Refurb has you covered. All orders are dispatched with free delivery, and you can use our Stone Refurb discount code for an additional saving. We’re tracking the best Stone Refurb offers here, so take a look before you make your purchase.
wicksteed-park listed on couponmatrix.ukGather the troops for a blissful day out at Wicksteed Park and enjoy thrilling rides, one of the longest zip lines in the UK and 147 acres of spectacular parkland. What more could you possibly want? Check our collection of Wicksteed Park offers to cut the cost of a fun-filled family day out. Whether a picnic in the park or exploring the adventure play areas appeals, Wicksteed Park will tick everyone’s boxes!