Customers of Winnipeg's Thermea spa alarmed after notification of …

The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an email that their credit card information may have been compromised, alongside their full names, phone numbers and email and street addresses. Groupe Nordik, the parent company of the spa, said that they learned of the breach in late February, shut down the gift certificate system and hired a third-party firm to investigate.

“We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the email said. Gift certificates that have not been redeemed are still valid, Groupe Nordik said. The appropriate authorities have been notified of the breach and affected customers were encouraged to keep an eye out for any suspicious activity.

Unencrypted credit card info

“What the email didn’t include, though, was any guidance around the risk of identity theft that they have now incurred for me,” John Robins told Radio-Canada in a Wednesday interview.

Robins purchased a Thermea gift certificate with his credit card at a Polo Park kiosk around Christmastime, he said. He has submitted a complaint about the breach to the Office of the Privacy Commissioner. He’s not aware of any fraudulent charges on his credit card, but he’s going through his records again.

Robins was surprised to learn that Thermea saved his credit card information for any amount of time. “I certainly did not think that I was putting myself in that level of risk when I made a simple point-of-sale transaction with Therma.” Gautam Srivastava, a Brandon University professor of computer science who specializes in cybersecurity, said it’s fairly normal for companies to keep the amount of customer information that Thermea did for situations involving marketing and repeat customers.

He said these kinds of data breaches are happening more often, since businesses are prioritizing ease of use.  While paying by the tap of a credit card or phone is speedy and efficient, those practices are not always compatible with good security, Srivastava said. “If you’re looking to encrypt and then decrypt information, there’s time lags there, and so a lot of systems that are built for ease of use find those sorts of things compromised.”

He said Thermea isn’t entirely to blame for the data breach, as malicious attackers often test a number of companies within a specific vicinity in search of system weaknesses. Thermea is a well-loved establishment in Winnipeg, he said, so they won’t necessarily lose all of their business because of the data breach. There are steps Groupe Nordik can take to win back customers, such as keeping their security measures updated and ensuring customers that their information is safe, he said.

Consumers can protect themselves by changing the pins of their bank and credit cards periodically and using strong passwords for their emails, as well as multi-factor authentication or biometric verifications such as fingerprint technology. But at the end of the day, it’s a matter of trust, Srivastava said. “Their brand is going to take a hit for a little bit, but they can take steps in the future starting now to kind of win back some of that trust,” he said.

“When trust is broken in anything, it takes time to win back that trust, and sometimes you never do.” In a statement to Radio-Canada, Groupe Nordik said they hired a third-party cybersecurity firm to investigate the breach and will continue to work with them in the future. “We have since enhanced security measures on all Groupe Nordik systems, including the gift certificate system, and will continue to work with the cyber security firm to maximize the protection of our clients’ data,” the statement said.

Robins said the breach came at an unfortunate time for him and his family, as they lost their house to a fire in January 2022. He said Thermea is a bit of a local institution for Winnipeg and surrounding areas. “I’ve been there many times — really enjoy their service. It’s a real treat to be able to go to a spa.”

But Robins said Thermea will have to win his business back.

“I think giving an email notification that a breach happened is a good first step and I’m grateful for that credit where credit is due,” he said.

“But frankly given the — in my estimation — very weak data practices that this company has been engaged in, I really don’t want to go back to Thermea and jeopardize my data again with that firm.”

Tags:

booking-com listed on couponmatrix.ukdominion-cinema listed on couponmatrix.ukfenn-wright-manson listed on couponmatrix.ukgwr listed on couponmatrix.ukperfume-direct listed on couponmatrix.uksmart-fone-store listed on couponmatrix.uk
booking-com listed on couponmatrix.ukWhether you’re one for the wilderness or a lover of cities, Booking.com makes booking holidays simple again. Save money on your next trip, whether it’s a UK staycation or something further afield, with one of our Booking.com promo codes. We’ve tracked down all the best ways to save, including student discounts, seasonal sales and deals on exclusive money-off codes. With ATOL-protected booking, 24/7 customer service and literally millions of stays to choose from, it’s no wonder Booking.com is our go-to for affordable, fabulous holidays.
dominion-cinema listed on couponmatrix.ukTrue film lovers will appreciate the class immersion of Dominion Cinema, the grade listed Edinburgh building that puts an emphasis on a good old fashioned night at the movies. As a family-run business for over 80, you enjoy an intimate movie experience with a Dominion Cinema voucher and have plenty of spare change for popcorn and drinks. Whether you’re wanting to see the newest film screenings or are looking to arrange a private viewing with friends and family, enjoy a film-going experience like no other with Dominion Cinema.
fenn-wright-manson listed on couponmatrix.ukFenn Wright Manson is a luxury fashion designer for women who enjoy the finer things in life. If you have a wedding, day at the races, or business meeting coming up, you’ll be spoilt for choice when you utilise the amazing savings your Fenn Wright Manson discount code unlocks. With incredible tailoring specifically designed to suit all feminine figures, Fenn Wright Manson should be the only name on your lips when you’re looking for a stunning outfit to impress.
gwr listed on couponmatrix.ukTravel the nation in comfort with Great Western Railway, and start your adventure off on the right foot. Grab a GWR discount code from us as you check the convenient GWR train times, and you could save yourself a pretty penny on your next business or leisure trip. With smart ticketing to save paper, the cheapest train tickets for your dates, and reduced fuel emissions compared to driving your car, there’s no better way to travel than with GWR.
perfume-direct listed on couponmatrix.ukGreat smells aren’t hard to come by, but finding one at the right price can be! When we’re in need of the perfect fragrance from our favourite designers, we look to Perfume Direct. Stocking deliciously scented men’s aftershaves and women’s perfumes from top brands, ensure that you have a Perfume Direct discount code to hand to save on seasonal scents and bestsellers today. With A-lister designer names like Calvin Klein, DKNY and many more available - you’ll find your fragrance in a flash.
smart-fone-store listed on couponmatrix.ukAs experts in showcasing top tech – from the newest smartphones, to tablets, macs and watches – Smart Fone Store has got your devices covered. When you want to replace or upgrade your favourite gadgets, you can use a Smart Fone Store discount code to knock the cost of your investment. In today’s world, top-notch electronics are more necessary than ever, so grab all your modern essentials whilst paying a pittance at Smart Fone Store. At Groupon, we understand the importance of saving money. That's why we work hard to find the best Discount Codes and Voucher Codes for our customers. We know that everyone's budget is different, so we offer a range of codes to suit all needs. Whether you're looking for a percentage off your purchase, or free shipping, we've got you covered. So why wait? Save now and enjoy great savings! As perhaps the primary competitor to the iPhone, Samsung smartphones offer some of the best and most innovative tech on the market. Expect designs both new and refurbished to be sold at the Smart Fone Store. A Smart Fone Store voucher code can help you save on an array of Samsung smartphones, with an inventory sporting everything from the new Z Fold design to more legacy A models. With the option to pay the full amount upfront or spead the cost over many months, customers can afford a snazzy new Samsung regardless of their budget at Smart Fone Store.