Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

beach-cafe listed on couponmatrix.ukbedroom-athletics listed on couponmatrix.ukbt-total-broadband listed on couponmatrix.ukinderwear listed on couponmatrix.ukmanypets listed on couponmatrix.ukwingham-wildlife-park listed on couponmatrix.uk
beach-cafe listed on couponmatrix.ukIf sandy shores await, dress your best with the help of Beach Cafe. From sleek swimsuits to comfy kaftans, there’s beachwear to suit every kind of beachgoer. Looking to tone up your tan or take a dive in the deep big blue? Make sure you’ve got a Beach Cafe discount code to hand so you can save on beach and swimwear that suits your style. Featuring specialised sizes to accommodate curves, tummies and busts both big and small, you’re sure to find the perfect fit for your time on the coast at Beach Café.
bedroom-athletics listed on couponmatrix.ukIf slippers and dressing gowns are your favourite clothing combo, you’ll love the luxury that Bedroom Athletics provides. Featuring only the finest fabrics and fleeces across a range of slippers and fur dressing gowns, you can use the latest Bedroom Athletics discount code from Groupon to secure savings on attire that’ll send you to sleep in a jiffy. With all the bedwear you could ever need stocked under one roof, let Bedroom Athletics keep you cosy.
bt-total-broadband listed on couponmatrix.ukCraving super-fast fibre broadband without forking out a fortune? Discover BT Broadband and browse, stream and download your way to happiness. With a range of packages to suit every budget, BT Broadband has a deal perfect for your household. Upgrade for less with a BT Broadband voucher and enjoy reliable speeds, all day, every day. Ditch the battle for bandwidth - with average speeds of 67Mb, everyone can stay connected for less.
inderwear listed on couponmatrix.ukInderwear is an online retailer specializing in men's underwear, swimwear, and other apparel. They offer a wide variety of products from well-known brands such as Calvin Klein, Adidas, and Nike. Use our Inderwear discount code to enjoy great savings mesh briefs, trunks, boxers and every other kind of undergarment you and your lower half could need. So next time you’re seeking quality, comfortable clothing for your waist, think only of Inderwear. We know that saving money is important to our customers, which is why we work hard to find the best discount codes for Inderwear. If you’d like to show a vested interest in the brand yourself, we’d recommend signing up to the Inderwear newsletter to get exclusive discounts directly from the Inderwear team. Regardless of what you do, Groupon will endeavour to always provide the lowest prices possible on quality underwear. Popular boxer briefs come in a wide assortments of designs and colours thanks to the extensive inventory at Inderwear. These briefs are made from a soft and snug material that will keep you feeling your best all day long. With our Inderwear promo codes, you could potentially secure two sets of briefs for the price of one. You can’t put a value on true comfort but at least you know it comes competitively priced whenever you opt for Inderwear.
manypets listed on couponmatrix.ukFancy flexibility from your pet insurance? Look no further than ManyPets, the adaptable pet protection brand formerly known as Bought By Many. Whether you’re a dog lover or a crazy cat person, be sure to apply a ManyPets discount code during the quote process to get some extra off your monthly premium. With the option to customise quotes to match your exact needs, you won’t have to pay a penny more than you want or need with ManyPets pet insurance.
wingham-wildlife-park listed on couponmatrix.ukSee the wonders of the natural world at Wingham Wildlife Park – Kent’s fastest expanding wildlife exhibit. Sporting exotic residents including arctic wolves, Chilean flamingos and moon bears, there are plenty of animals you can adore at a discount with the use of the latest Wingham Wildlife Park voucher. With new animals introduced every year and the opportunity to enjoy up-close experience with these wondrous beasts, it’s not surprising that Wingham Wildlife Park is such a hit with animal enthusiasts.