Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

anglesey-sea-zoo listed on couponmatrix.ukclarks listed on couponmatrix.ukinto-the-blue listed on couponmatrix.ukpdf-expert listed on couponmatrix.ukthe-perfume-shop listed on couponmatrix.ukthe-wave listed on couponmatrix.uk
anglesey-sea-zoo listed on couponmatrix.ukIf you ever find yourself on the north-west coast of Wales, you can enjoy an afternoon of exploration at Anglesey Sea Zoo. As home to over 40 tanks full of fish, sea mammals and other cute creatures of the underwater world, an Anglesey Sea Zoo voucher is all that’s required to enjoy these watery wonders for a fraction of the price. From conger eels to spider crabs, discover new denizens of the deep today at Anglesey Sea Zoo.
clarks listed on couponmatrix.ukStep out in stylish new shoes with the help of the UK’s best-loved footwear brand, Clarks. Whether you’re after a pair of winter boots or you’re a high-heel obsessive, you’ll find a world of variety and style both online and in-store at Clarks. Use your Clarks discount code to save money on a fresh pair of the Clarks originals, featuring waterproof and stain-resistant premium leather. There’s also the comfortable underfoot shoe cushioning that Clarks has become famous for – your feet will thank you.
into-the-blue listed on couponmatrix.ukInto the Blue is a fantastic adrenaline-pumping experiences company founded in 1996, and it is the perfect place to book your next activity. We've got Into the Blue discount codes for all kinds of activities, from skydiving and bungee jumping to white water rafting and zip lining. So whether you're looking for a bargain or just some inspiration, Into the Blue has got you covered! At Groupon, we work hard to find the best discount codes and deals for our users. We partner with Into the Blue, to bring you exclusive voucher codes that can save you money on your next experience. Whether you're looking to jump out of a plane or explore the underwater world, we've got you covered.To redeem a discount code, simply enter the code at checkout when booking your Into the Blue experience. Be sure to check the terms and conditions of the code before using it, as some codes may have expiration dates or other restrictions. Happy savings! One of our most popular Into the Blue experiences is scuba diving. If you're looking to explore the underwater world, be sure to check out our Into the Blue voucher codes for great deals on scuba diving courses and trips. With our Into the Blue discount codes, you can save big on your next scuba adventure. So what are you waiting for? Get exploring!
pdf-expert listed on couponmatrix.ukNo Apple device is truly complete without PDF Expert, the app that empowers users to become PDF experts. With over 30 million users and counting, PDF Expert equips you with the tools to edit, annotate, convert, sign and merge PDFs seamlessly from your Macbook or iPhone. You can acquire PDF Expert through a yearly subscription or a lifetime subscription, although it's important to note that the lifetime subscription does not include future updates. To simplify your PDF-related tasks, consider using a PDF Expert discount code to kickstart an affordable plan. If you're a student using this app for educational purposes, you may even qualify for PDF Expert's special 50% discount for students, making it an even more budget-friendly option.
the-perfume-shop listed on couponmatrix.ukIt’s never a bad thing to smell good, and there’s nowhere that can step up your scent game quite like The Perfume Shop. It’s a high street staple where a visit can leave you feeling great and smelling better with an unbeatable selection of the top perfumes around. Here you’ll find all your favourite fragrances and brand new aromas waiting to be discovered as well as other quality cosmetics for eyes, lips and nails. Pick up The Perfume Shop discount code and choose the perfect perfume for less. The Perfume Shop has perfect picks for women as well as ideal aftershave for men too. Whether you’re buying for yourself or a loved one,The Perfume Shop can turn a fragrance into a personalised gift. There’s hundreds of brands to choose from too, making The Perfume shop the perfect place to go if you want the biggest choice of the best products.
the-wave listed on couponmatrix.ukMasters of the surf and newcomers alike are welcome at The Wave, the Bristol-based attraction that’s guaranteed to get you wet. Artificially simulating currents in a 180 metre surfing lake, customers of all skillsets can get a great deal on their booking with a The Wave discount code and experience the thrill of wave riding first-hand. With its own accommodation, café, restaurant, bar and viewing platform, make your surfing a session to remember at The Wave.