MANGO Faces Major Data Breach at Third-Party Vendor, Customer Data Exposed

Spanish fashion retailer MANGO announced that one of its third-party vendors experienced a major data security breach, which resulted in the unauthorised access and exposure of sensitive personal information belonging to a large number of its customers.

 

Headquartered in Barcelona, Spanish fast-fashion company Mango designs, manufactures, and sells women’s, men’s, and children’s clothing and accessories.

 

In a data security incident notice sent to affected customers, MANGO said that one of its external marketing service providers recently suffered a significant data security breach, during which threat actors infiltrated its internal network and stole confidential data belonging to MANGO customers.

 

 

 

The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. In response to the data breach at its marketing service provider, MANGO also activated all established security protocols to minimise potential risks and safeguard customer information.

 

“The information exposed is limited to personal contact information used in marketing campaigns: exclusively first name (your last name has not been compromised), country, postal code, email address, and telephone number,” MANGO said.

 

The Spanish fashion retailer added that “everything continues to operate normally and that Mango’s infrastructure and corporate systems have not been compromised.”

 

MANGO added that, at present, there is no evidence indicating that any banking details, credit card information, identification documents, or account credentials and passwords were compromised in the incident.

 

At the time of publishing, no known hacker group listed MANGO on their data leak portal. The company also did not share details on who was behind the attack, how much data was compromised, or whether it had received a ransom demand.