Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

eds-easy-diner listed on couponmatrix.ukeve-mattress listed on couponmatrix.ukgroupon listed on couponmatrix.ukthe-gym-group listed on couponmatrix.uktoolstation listed on couponmatrix.ukudemy listed on couponmatrix.uk
eds-easy-diner listed on couponmatrix.ukGet a taste of the states just around your corner from your house at your local Ed’s Easy Diner. Putting out plates of all-American classics like hot dogs, burgers and racks of ribs, you’ll find plenty of mouth-watering meals to devour at a discount with an Ed’s Easy Diner voucher. Find plenty to feast on around the clock through their numerous menus and even take away if you’re feeling lounging with some lazy food.
eve-mattress listed on couponmatrix.ukTrouble sleeping? Then you probably haven’t tried an eve sleep mattress. As well as being ridiculously comfortable, every Eve mattress comes with a 10-year warranty, free delivery and a 100-night trial. If you’re not totally smitten with your new Eve mattress, it’ll be picked up and returned completely free of charge. Rest easy with an Eve Mattress discount from us and enjoy a peaceful night’s sleep for less. For ultimate comfort, combine your new mattress with Eve’s collection of frames, bedding, pillows and beautiful bedroom accessories and make going to bed your favourite part of the day.
groupon listed on couponmatrix.ukGroupon unlocks a world of savings on getaways, beauty treatments and restaurants – starting with your local community. Partnering with thousands of retailers across the country, at Groupon you’ll unearth hidden gems in your area or book a meal in your favourite eatery at a significant discount. You’ll even bag an extra discount on incredible experiences or goods with a Groupon discount code. It doesn’t matter if you’re looking for a fun place to spend time with your friends, a romantic restaurant for a date or you’re planning a short break abroad to catch some sun – Groupon’s got you covered with trips and experiences to let you live life to the fullest. From mattresses to flights, choose Groupon and you’ll never have to worry about overspending on everyday necessities or once-in-a-lifetime experiences.
the-gym-group listed on couponmatrix.ukThe Gym Group works hard to create a welcoming space for all fitness abilities – whether you’re a beginner, a gym enthusiast or somewhere in between. There are hundreds of Gym Group gyms across the UK with 24/7 access, so you can drop in when you like and make your workout work for you! Whether you prefer cardio classes or hitting the weights, we’ve got plenty of the Gym Group promo codes to help you save on membership and meet your fitness goals.
toolstation listed on couponmatrix.ukFrom the largest circular saw to the most precise drill, there’s no task too big or small for Toolstation to take on. Home to everything you need to build, demolish, paint or decorate, you’ll be hard-pressed to find an essential tool at an unbeatable price – especially with our newest Toolstation promo code handy! Whether you’re repainting the garden fences or installing a new wall mount, get the right tool for every job at Toolstation.
udemy listed on couponmatrix.ukBuild up your skills with a brand new online learning course from Udemy. With more than 80,000 courses to choose from in a range of subjects stemming from the arts to AI technology, your brain will be bulging with knowledge and facts to share with friends. Use an Udemy discount code to make a saving on your next e-learning programme and start ticking off those bucket list skills you’ve been wanting to learn today!