Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

flamingo-land listed on couponmatrix.uklook-again listed on couponmatrix.ukred-letter-days listed on couponmatrix.ukvictorias-secret listed on couponmatrix.ukwatch-shop-uk listed on couponmatrix.ukwex-photographic listed on couponmatrix.uk
flamingo-land listed on couponmatrix.ukNestled in the heart of Yorkshire, Flamingo Land is the UK’s most visited zoo, theme park and holiday resort. Animal lovers and thrill-seekers unite at Flamingo Land: with rollercoasters, water rides and hundreds of amazing animals (yes, even flamingos!), it’s the perfect day out for the whole family. Treat your loved ones to an action-packed adventure for less with one of our exclusive Flamingo Land discount codes and watch your budding explorers create their own magical memories. Featuring animals from the African savannah, the Australian outback, below the ocean depths and farmyard favourites, there’s something new to discover at every turn.
look-again listed on couponmatrix.ukLook Again brings you cutting edge fashion at affordable prices, with a host of additional benefits: Shop here and you’ll gain access to a world of extra sites all run under the same banner. Your Look Again discount code works across some of the web’s most popular retail names like Kaleidoscope, Lascana, Curvissa and Bon Prix. Ladies, gents and kids are all given a vast selection to choose from and new designs are constantly added, keep collections fresh and inspiring at all times.
red-letter-days listed on couponmatrix.ukStruggling to find the perfect present for your loved one? Give the gift of an unforgettable experience with the help of Red Letter Days. Whether it’s an adrenaline-packed day out in a supercar or a relaxing spa day away from the city, you’ll find these package offers perfect for making memories. Use your Red Letter Days discount code to make a huge saving on your experience of choice so that you can enjoy giving the gift as much as the person receiving it will.
victorias-secret listed on couponmatrix.ukFollow in the footsteps of the beautiful Victora’s Secret supermodels, and revamp your look with luxurious lingerie that will boost your sass factor up to 10. Snap up a Victoria Secret discount code from us to stock up on delicate thongs, stylish bras, sensual nightwear, and more - you could dress like the A-list without blowing your budget. From Victoria’s Secret pink to understated navy, you’ll find colours to suit every taste and mood in this world famous collection.
watch-shop-uk listed on couponmatrix.ukKeep time in cutting-edge style with a watch from Watch Shop - and with designer watches from the likes of Armani, Hugo Boss and French Connection and a price match guarantee, you can treat your nearest and dearest with premium wristwear without breaking the bank. Use a Watch Shop discount code to slice the price of a gorgeous chain link watch or an Italian leather number whether you’re gifting yourself or a loved one.
wex-photographic listed on couponmatrix.ukPhotography is such a special thing. It captures fleeting moments in life and preserves them for ever. These magical machines called camers that let us preserve these moments in time are just as impressive today as when they first appeared in 1816. When you use a Wex Photographic discount code you’ll find incredible savings on hundreds of cameras. With over 19000 products, Wex Photographic is the most comprehensive photography shop where you’ll find digital and film cameras, tripods, filters, lighting and everything else you’ll ever need to keep yourself snap-happy.