MANGO, the Spanish fashion retailer, has disclosed a data breach affecting customer information due to a cyberattack on one of its external marketing service providers. The incident, revealed on October 14, 2025, involved unauthorized access to personal data used in marketing campaigns, prompting the company to notify affected customers directly.
The compromised data includes customers’ first names, country of residence, postal codes, email addresses, and telephone numbers. Notably, sensitive details such as last names, banking information, credit card data, government-issued IDs, passports, and account credentials were not accessed, reducing the risk of financial fraud. Despite this, the exposed information could be leveraged by threat actors for targeted phishing campaigns, where attackers impersonate legitimate entities to trick individuals into revealing further personal or financial data.
MANGO emphasized that its corporate infrastructure and internal IT systems remained unaffected, with no disruption to business operations. The company confirmed that all security protocols were activated immediately upon detection of the breach at the third-party vendor, although the name of the compromised marketing partner has not been disclosed.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: