Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

ben-sherman listed on couponmatrix.ukcarrentals listed on couponmatrix.ukgarmin listed on couponmatrix.ukjustyou listed on couponmatrix.ukparcelhero listed on couponmatrix.ukzazzle-co-uk listed on couponmatrix.uk
ben-sherman listed on couponmatrix.ukFor more than 50 years, Ben Sherman has been one of the top retailers for menswear and iconic clothing. Known widely for its distinctive array of shirts and plaid patterns, the Ben Sherman collection is the ideal apparel for any man looking for something classical but cool. With your Ben Sherman discount code to hand, you’ll be able to invest in a whole new wardrobe of button-down shirts, suit pieces and other accessories for a steal. What are you waiting for?
carrentals listed on couponmatrix.ukCarrentals.co.uk is the UK’s leading car hire comparison site that helps customers find the cheapest car hire deals every day. By searching up to 50 different car hire websites, they provide an impartial comparison of the best prices available in over 15,000 locations. This means their customers can be satisfied they have found the best car hire for them at an unbeatable price. And with a discount code from us you can be sure to save on your rental.
garmin listed on couponmatrix.ukGarmin is the expert at getting you where you need to be—whether you’re a professional athlete or a casual hiker. As a leader in GPS navigation and wearable tech, there’s no better way track your run or simply get around, so if you’re looking to save money on your next Garmin watch, we’ve got you covered with Garmin discount codes, promotions and more money-saving tips. Garmin makes everyday life more convenient, and there’s no better time to buy!
justyou listed on couponmatrix.ukIndividual travellers can select their destination, pack their bags and wake up in their dream location with these Just You voucher codes. Just You, the single traveller company organises everything from start to finish so people can meet the locals, taste the food and see the iconic sights of their chosen destination. Unwind, chat, socialise, the choice is yours. See things you’ve always dreamt of seeing, travel in a way you’ve always wanted to and create memories, all on your own terms. Just You have been taking single travellers on escorted tours for a good few years now so they are well-versed in what it is travellers, just like you, are looking for from a holiday. You can be assured of a great holiday experience in a welcoming environment and the perfect balance between escorted tour and independent travel. Just You's holidays aren’t just for single people, however, they’re for anyone who wants to travel as an individual, without having to pay the single supplement for accommodation. On some long-haul holidays they include free access to the airport lounge and they have developed a diverse range of holidays that allow you to take in a wealth of destinations and experience a deluge of cultures. Whether it s a quick city break or a longer adventure you're looking for, to destinations in Europe, Asia, The Americas, Australia, New Zealand or Africa, these Just You voucher codes will help save you some much needed spending money.
parcelhero listed on couponmatrix.ukSend your parcels in the smartest way possible with ParcelHero, and allow this delightful delivery service to save the day! Grab a ParcelHero discount code from us to cut the cost of sending gifts to your loved ones or sending out products to customers. You’ll soon find that superhero speed and efficiency doesn’t have to cost an arm and a leg! With reliable couriers like DHL, TNT and UPS on the books, you can count on ParcelHero to get your goods from A to B at a very pocket-friendly price.
zazzle-co-uk listed on couponmatrix.ukZazzle is like the Internet’s marketplace for independent designers, so you can expect custom goods like art, business cards and even officially licensed brands like Scooby Doo, Harry Potter and Game of Thrones! This brand is all about creativity and it has gifting down to a T. Whether you’re opting for Zazzle wedding invitations or T-shirts, the world is your oyster and our Zazzle discount codes will help you cut the cost of your purchase.