Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

ask listed on couponmatrix.ukexplorer-travel-insurance listed on couponmatrix.ukpenhaligons listed on couponmatrix.ukraja-pack listed on couponmatrix.ukthe-nue-co listed on couponmatrix.ukugg listed on couponmatrix.uk
ask listed on couponmatrix.ukIf you’re looking to enjoy food you know you’ll love in a buzzing atmosphere, ASK Italian has the menu and restaurants for you. Featuring delicious Italian pastas, thin crust pizzas, salads and more, ASK will ensure your meal is one to remember. Don't forget to make use of one of our ASK vouchers and your family will thank you for reducing the bill! With restaurants in locations all over the UK, you’re bound to find an ASK nearby.
explorer-travel-insurance listed on couponmatrix.ukDon’t let the unexpected put a dent in your travel plans. Explorer Travel Insurance offers comprehensive cover whether you’re cruising, city-hopping or relaxing on your favourite beach. Start your coverage using an Explorer Travel Insurance discount code to put some extra pounds back in your pocket for more adventures when you’re on holiday. You can tailor the plan perfectly to you and your holiday requirements, so you know you’re protected if anything goes wrong while you’re away. All that’s left to do then is pack the sunscreen!
penhaligons listed on couponmatrix.ukWhen you want to wear scent of sophistication and class, you need to shop at Penhaligon’s. Expert perfumers with over 20 stores nationwide and a history that harks all the way back to Queen Victoria, add on their quintessential British fragrances to your personal perfumes for a fraction of the price with a Penhaligon’s discount code. They also specialise in luxury candles, bath and body lotions for those who prefer their fine fragrances at home, so everyone can enjoy a sample of Penhaligon’s signature extravagance.
raja-pack listed on couponmatrix.ukIf you’re a hard-working business, you’ll know the pain of finding the right packaging to ensure your items arrive safely at the buyer’s location. At Raja, you’ll find every box, bag, or bubble wrap you could possibly need to ensure your items are well-protected for whatever journey they have ahead. With your Rajapack promo code, you can save money on a huge variety of sizes, shapes, and customisation options for your packaging, including cardboard boxes, postal tubes, storage containers and jiffy bags. Deliver with confidence thanks to Raja.
the-nue-co listed on couponmatrix.ukThe Nue Co is a health supplement brand with a difference. From sleep drops to prebiotic and probiotic supplements, The Nue Co can help you transform aspects of your life and tackle sleepless nights and stresses sustainably. Shopping at this brand is guilt-free, too, thanks to its plastic-neutral and carbon-negative credentials. You can save money on the range of ingestible vitamins, fragrances and even topically-applied products with The Nue Co discount codes from Groupon. Keep our page bookmarked for the latest ways to save!
ugg listed on couponmatrix.ukFounded in 1978, UGG Australia started as a bag of sheepskin boots slung over Brian Smith’s shoulder when he landed in Southern California with the dream of sharing his passion with the world. It turned out that the relaxed So Cal beach scene was the perfect fit for his brand and by the mid ’80s; the UGG brand was ingrained in the counter culture. UGG Australia is a brand of cosy sheepskin boots dedicated to women, men and children. The beginning of their fame is dated to the beginning of the early 2000s when it became a must-wear item among celebs. Use an UGG discount code to share in this relaxed approach to life for less. Take advantage of these amazing money-off offers, discounts and promotions at Groupon.