Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

all-bar-one listed on couponmatrix.ukbannatyne-health-club listed on couponmatrix.ukinghams listed on couponmatrix.ukpark-grand-london-hotels listed on couponmatrix.uktu-clothing listed on couponmatrix.ukuswitch listed on couponmatrix.uk
all-bar-one listed on couponmatrix.ukWhether you’re popping in for a quick brunch or enjoying a cocktail evening with the girls, All Bar One will make every social occasion a special celebration. From classic beef burgers to tasty vegan nachos, All Bar One has delicious delicacies suited to every taste. Dine in style for less with an exclusive All Bar One voucher and enjoy a beverage (or two) on us. With a wide variety of drinks, including handcrafted cocktails and house wines, your trip to All Bar One will be one to savour.
bannatyne-health-club listed on couponmatrix.ukPut your health and wellbeing first with Bannatynes. The health club is more than just a gym - with state of the art equipment and swimming pools, a great range of fitness classes and relaxing spa facilities, it’s the perfect destination for both toning up and winding down. With our Bannatynes promo code you can save on a membership and discover a new level of health - why not check out your local club today?
inghams listed on couponmatrix.ukExperts in ski and snowboard holidays, Inghams has been offering thrill-seekers and slope-lovers exciting holiday packages for over 85 years. Flying from 16 local airports nationwide, your next big adventure is closer than you might think. Book your dream holiday with an Inghams discount code and enjoy an extended break for a fraction of the price. From Austria and France to Japan and Canada, there's an exciting trip just waiting to be discovered by you.
park-grand-london-hotels listed on couponmatrix.ukWhether you’re looking for a room in a leafy Kensington hotel, or an overnight stay somewhere closer to Heathrow Airport, our Park Grand London Hotels discount codes will ensure your luxury break doesn’t have to cost the earth. Park Grand London Hotels have five boutique four-star hotels at their disposal across the capital, in trendy, sought-after locations such as Hyde Park, Lancaster Gate and Paddington. Suitable for those travelling on business, as well as families and couples, each of the hotels combine luxury touches with contemporary décor. Each one is on the doorstep of various London sights, ensuring you can pack as much into your day as possible, as well as having somewhere to conveniently drop shopping bags off before you head out for an evening meal. Many of the Park Grand London Hotels also offer a wealth of dining opportunities, whether it’s a snack in the bar, or a fresh breakfast to kick-start your day. Those travelling on business are also not short on facilities, with rooms coming complete with high speed internet and voicemail facilities. There’s also a business centre and club lounge, plus a 24-hour reception to help with any enquiries. Looking for a hotel break that will combine a central location with luxury furnishings? Take a gander at our Park Grand London Hotels discount codes and save yourself a pretty penny on your next trip.
tu-clothing listed on couponmatrix.ukDiscover the Tu clothing range at Sainsbury’s and stock up on affordable yet fashionable styles that will breathe fresh life into your wardrobe. Help yourself to a Tu discount code from us to update your everyday denim or some new rompers for the kids. With plenty to choose from for men, women and children alike, you can kit out the whole family in one fell swoop when you shop with Tu.
uswitch listed on couponmatrix.ukHousehold expenses is one of the easiest ways to regularly lose some of your hard-earned cash, which is why Uswitch and its price comparison tools are so essential. Thanks to Uswitch deals, you’ll be able to weigh the perks, prices and additional services offered by energy, broadband and mobile suppliers nationwide in mere minutes. So whether you’re wanting to lower your energy bill or get the snazziest smartphone on the cheapest monthly contract, you’ll always find the best bargain with Uswitch.