Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

aveda listed on couponmatrix.ukcanvas-holidays listed on couponmatrix.ukdc-shoes listed on couponmatrix.ukiberostar listed on couponmatrix.ukpurely-pets listed on couponmatrix.ukwaitrose-pet listed on couponmatrix.uk
aveda listed on couponmatrix.ukFrom hair care to styling products and make-up, an Aveda voucher on Groupon will give you reduced rates on a host of plant-focused products from the ethically-minded company. With an aim of connecting beauty, environment and wellbeing, their diverse range includes shampoo and conditioner for all manner of hair types; hair styling items to help you stand out from the crowd; and an array of cleansing, exfoliating and moisturising cream. The online shelves also stock a host of body care items and perfume, each influenced by Aveda’s firm commitment to using natural ingredients. Aveda was founded in 1978, and has flower and plant essences at the core of its practice. It has a strong connection to ayurveda: an ancient holistic system of healing that strives to create balance in body, mind and spirit. In keeping with ayurvedic principles, Aveda strives to use organic ingredients where possible, and maintains a link with Indian firm Nisarga who grow ayurvedic herbs with organic agriculture. It also affirms its mission of environmental care by striving to limit the amount of harmful packaging it produces, using wind power where possible and adhering to the CERES Principles by publicly sharing results. An Aveda voucher code will provide slashed prices on beauty products alive with the life force of plants, containing pure essential oils, and harvested with respect for earth in mind. Aveda’s professional network of 9,000 salons and spas worldwide in addition to its online shop shares its commitment. The professionally-developed, clinically-tested items are designed to provide a natural boost to the lifestyles of men and women alike. So if you’re looking for plant-focused beauty and skin care products formulated with organic ingredients and produced with an agenda of environmental care, pick up an Aveda promo code and find discounts on an array of products today.
canvas-holidays listed on couponmatrix.ukFor great value trips with guaranteed sun, nothing beats a camping trip in France, Italy or Spain. With some of the best weather and scenery on the planet on offer together with enough cultural and architectural treasures to last a lifetime, these destinations have got everything for families, couples or groups of friends. The Canvas Holidays discount code is your ticket to sail off into the sunset for weeks at a time of of fun, excitement, amazing food and fabulous wine - all you need to do is get the car serviced and buy a large supply of sun cream.
dc-shoes listed on couponmatrix.ukOn the feet of skateboarders, snowboarders and surfers near and far, DC Shoes are perfect for the laid-back lifestyle, chilling with friends and having good times. With a DC Shoes promo code in hand as you head to checkout with your uber cool new kicks you’ll be amazed at how much you’ll save! And that’s not all - DC Shoes has an impressive range of clothing too, with shirts, sweats, accessories and more all featuring the iconic logo.
iberostar listed on couponmatrix.ukWhen you’re preparing to jet off on that longed-for holiday, you want to be sure you’ve got the accommodation right. Place your hotel booking in the capable hands of Iberostar and you can expect a memorable stay in one of the best hotels and resorts in Europe, North Africa and America. Don’t forget to use your Iberostar discount code to unlock the door to the hotel of your dreams, and whether you’re looking for beachside family fun or an adults-only stay, you won’t have to blow your budget.
purely-pets listed on couponmatrix.ukWhether you prefer things that purr or bark, every animal owner will find a firm friend with Purely Pets pet insurance. Offering customised pet policies for both cats and dogs, all you’ll need to secure savings on some comprehensive pet cover is a Purely Pets discount code from Groupon. With 0% interest monthly payments available alongside With round-the-clock access to professional advice and the option to tailor your policy as you go, you get both flexibility and quality whenever you protect your pet at Purely Pets.
waitrose-pet listed on couponmatrix.ukGive your furry or feathered friend a taste of the high life and pick up all your pet-related essentials from trusted brand Waitrose Pet. A Waitrose Pet promo code from us will make purchasing high quality pet supplies a breeze, so whether you need nutritious food for Fido, a scratching post for the cat or even supplements for your horse, you won’t have to break the bank. Featuring professional pet advice on tap and the very best brands in the business, place your pet pal’s needs in the capable hands of Waitrose if you believe they deserve the best.