Retailer Mango confirms data breach after cyber attack

Fashion retailer Mango has informed customers that a recent cyber attack involving one of its external marketing service providers has resulted in the potential theft of personal contact information.

The company has moved quickly to notify affected individuals and authorities while assuring the public that its core IT systems and all financial data remain secure.

The breach, which was confirmed via email to a large number of customers this week, specifically targeted a third-party service used for marketing campaigns. According to Mango, the hackers gained unauthorized access to limited personal contact details including name, country, postal code, email address, and phone number.

Crucially, the company emphasized that no sensitive information was compromised. This means customer banking details, credit card numbers, login credentials, and passwords were not accessed by the hackers. Mango stated that its own internal infrastructure and corporate systems were not affected, and operations are continuing normally.

As soon as the situation was detected, Mango immediately activated its security protocols and has since informed the Spanish Data Protection Authority (AEPD) and other relevant authorities, in line with current regulations.

The incident serves as another reminder of the persistent security challenges facing the retail sector, with major brands including Marks & Spencer, Harrods and Louis Vuitton also falling victim to cybercrime recently.

Mango is advising its customers to remain vigilant and pay close attention to any suspicious communications or unusual requests made via email or phone. The company is also offering a dedicated customer service email and phone number for further queries. The company has expressed regret for any inconvenience caused to its customers.