Spanish fashion retailer Mango is notifying customers of a data breach affecting personal information processed by one of its third-party marketing providers.
The incident resulted in unauthorized access to a limited set of contact details, prompting the company to issue precautionary alerts and notify regulatory authorities.
The breach was disclosed via an email in which Mango clarified that only non-sensitive information used for marketing purposes was exposed. The compromised data includes first names (excluding surnames), country, postal code, email addresses, and phone numbers. The company emphasized that no financial data, login credentials, identification documents, or internal systems were affected.
Mango has stated that the breach was confined to a marketing partner’s systems and did not compromise its corporate infrastructure or digital platforms. All core services, including online stores and physical retail locations, remain fully operational. The company detected the anomaly internally and responded by activating its data protection protocols in line with the General Data Protection Regulation (GDPR).
Mango is one of Spain’s largest clothing retailers, operating over 2,600 stores in more than 110 countries. The company is known for its fast fashion model and significant digital presence, with online sales representing a growing share of its annual revenue.
Following the breach, Mango informed the Spanish Data Protection Authority (AEPD) and other competent authorities as required by law. The company also issued guidance to customers, advising heightened vigilance against phishing attempts and suspicious messages, particularly those requesting personal or banking information. Mango reiterated that it never solicits such details via email or phone.
While the nature of the breach suggests a low risk of direct financial harm, exposed contact details can be leveraged in targeted phishing campaigns or smishing attacks. Customers are encouraged to verify the authenticity of unexpected communications claiming to be from Mango and to report any suspected fraud.
Leave a Reply