Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

the-gourmet-society listed on couponmatrix.ukharrods listed on couponmatrix.ukjoseph-turner-shirts listed on couponmatrix.ukklm-royal-dutch-airlines listed on couponmatrix.ukmr-porter listed on couponmatrix.ukpoundtoy listed on couponmatrix.uk
the-gourmet-society listed on couponmatrix.ukIf you’re looking for cheap ways to eat out in an array of restaurants across the country, check out our Gourmet Society discount codes and find reduced rates on a host of meals. Guests can sign up to Gourmet Society and get up to 50% off meals at over 6,500 restaurants, whether Italian, Indian, Chinese, French, or traditional English cuisine. They can use the mobile app to search eateries, get directions and claim their discount, and benefit from unlimited use and instant access to their savings. Deals include 50% off the food bill, 25% off the total bill, and two-for-one on one, two or three courses. The Gourmet Society is a UK dining club whose members enjoy savings at thousands of restaurants. They dine for less in a host of eateries ranging from Michelin and AA Rosette winners to local curry houses and pubs. Members of the Gourmet Society receive a restaurant guide and handy dining card which entitles them to deals on meals, letting them take a break from cooking whenever they feel like it. Armed with a Gourmet Society voucher, you can take advantage of discounted access to a host of branches from some of the biggest dining chains in the country. Tuck into Italian cuisine at Prezzo, Bella Italia and Café Rouge, and munch on French dishes at Hotel du Vin & Bistro. Grab a pre-party meal at Walkabout, indulge in traditional British cuisine at Hall & Woodhouse, and feast on a meaty creation at Handmade Burger Co. So why not check out our Gourmet Society discount codes on Groupon if you’re looking to pick up a membership card to use at an array of restaurants across the country, whether fine dining, traditional pub or lounge bar.
harrods listed on couponmatrix.ukTreat yourself to a guilt-free spree at the world’s most famous department store and snap up a Harrods discount code from us to get your fix of premium products. Offering a diverse range of designer clothing for all the family, Harrods will have you dressed to the nines in the choicest fabrics and cuts. Kick your cosmetics bag into high gear with the stunning Harrods beauty range or spoil someone special with a delectable culinary hamper. If you’re looking for luxury items infused with timeless British style, Harrods will deliver the goods.
joseph-turner-shirts listed on couponmatrix.ukAre you ready for stylish, sophisticated menswear which will make you stand out from the crowd for all the right reasons? If so, look no further than Joseph Turner. Based in Thirsk and immensely proud of their Yorkshire heritage, with your Joseph Turner discount code, you can unlock a whole world of luxury clothing. Enjoy some of the finest classic fabrics sourced (where possible) from local mills and spinners and discover a clothing brand based in tradition and flush with style.
klm-royal-dutch-airlines listed on couponmatrix.ukOne of Holland’s leading brand names has to be KLM Royal Dutch Airlines. With their distinct skyblue branding and reputation for both efficiency and speed, KLM are an airline you know will provide a flight experience that is second to none. With a KLM discount code, the world really is your oyster so why not get online and start planning that last minute break or longed for dream holiday.
mr-porter listed on couponmatrix.ukJoin the ranks of the stylish elite with a trip to Mr Porter. The number 1 sophistication destination for men everywhere, Mr Porter brings you the world's best designer labels on a fuss-free, inspiration-laden platform. Shop its range with a Mr Porter discount code from Groupon and you'll be sure to save money on your next piece of high-end tailoring and high-class footwear.
poundtoy listed on couponmatrix.ukFun for all is the agenda at PoundToy, where the most popular toys, games and books come at unbeatable price. Whether your child loves to draw, build or break, a PoundToy discount code will help you save on those many little things that keep your kid smiling. Offering boundless ways to entertain on a budget, you can trust PoundToy and their bargains whenever the next birthday, celebration or holiday is on the horizon.