Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

hostingcouk listed on couponmatrix.uknext listed on couponmatrix.ukskate-hut listed on couponmatrix.ukthe-leisure-group listed on couponmatrix.ukwallpaper-direct listed on couponmatrix.ukyorkshire-wildlife-park listed on couponmatrix.uk
hostingcouk listed on couponmatrix.ukHOSTING.co.uk is a leading provider of web hosting services in the UK. They offer a wide range of services including shared hosting, VPS hosting, reseller hosting, and dedicated servers. They also offer a variety of features such as unlimited bandwidth, free SSL certificates, and more. HOSTING.co.uk has a reputation for being reliable and provide excellent customer support. Use a HOSTING.co.uk promo code to get the best savings on your next order! At Groupon, we understand that saving money is important to our customers. That's why we work hard to find the best HOSTING.co.uk promo codes and discounts codes so you can save on your next purchase. Whether you're looking for a shared hosting plan or a dedicated server, we'll help you find a great deal to make your life more comfortable. Check back often for the latest HOSTING.co.uk coupons and deals! If you're looking for a great deal on web hosting, be sure to check out HOSTING.co.uk. They offer a variety of plans to fit your needs, and you can often find a HOSTING.co.uk discount code to save even more. Their dedicated servers are a great option for businesses that need a high-powered server, and their reseller hosting plans are perfect for those looking to start their own web hosting business. Whatever your needs, HOSTING.co.uk has a plan for you - and we can help you save with a HOSTING.co.uk discount code today!
next listed on couponmatrix.ukNext provide an amazing range of womenswear, menswear and kids clothing, as well as stunning homeware! You can shop for hundreds of options for apparel, with fresh styles updated every season. They have great basics, as well as high quality everyday and formal apparel. Alternatively, you can use your Next discount code to save on all the finishing touches for your home. With options for every room in the house and loads of styles to choose from, you're bound to find the right home decor for your pad.
skate-hut listed on couponmatrix.ukFrom mountainsides to city centres, Skate Hut makes moving around an absolute joy. With an enormity of two and four-wheeled options to put beneath your feet, you’re free to enjoy your ideal form of human-powered transport for less with a Skate Hut discount code handy. Bolstered by a gorgeous selection of shoes, clothing and protective gear, there’s no urban or outdoor environment you can’t conquer with Skate Hut there to help.
the-leisure-group listed on couponmatrix.ukHave a great day out for all the family with MFA Bowl, the bowling, golfing, party destination! Located in spots throughout the UK, head to your local MFA for a great day of classic 10 pin bowling, test your stuff against friends, get the kids out for a fun time, or spark romance on a first date. Get tickets with an MFA Bowl voucher and you’ll be heading off for fun without it breaking the bank. Book a Birthday, grab some food, hit the lanes and have a great time, all from MFA Bowl.
wallpaper-direct listed on couponmatrix.ukThe name might be practical rather than fancy, but be in no doubt: Wallpaper Direct has a very noble lineage. You can choose from over 11,000 designs from the website, though the brand is actually owned by Brewers, the official supplier of decorating materials to none other than HM The Queen. You may not live in a palace, but your Wallpaper Direct voucher code will help make you think that you do, and you'll find endless curtain material, fabrics and other accessories to make sure your home looks perfect whenever you want to impress a visitor.
yorkshire-wildlife-park listed on couponmatrix.ukAs one of Northern England’s biggest bastions of wildlife, Yorkshire Wildlife Park is home to some of the world’s greatest animals. Whether you come for the adorable otters or the formidable rhinos, a Yorkshire Wildlife Park discount can cut the cost of seeing your natural wonder of choice. With up-close experiences, ranger talks and animal adoption available to enhance your day out, Yorkshire Wildlife Park is an experience you won’t soon forget.