Mango Targeted in Recent Cyber Attack: Unauthorised Access to Client Information

New hacker attack on a fashion company. Mango has alerted this afternoon that one of its external services has suffered an “unauthorized access” to customer contact data used in marketing campaigns. The information exposed is limited to contact details and not means of payment or ID or passport numbers.

The incident, which is in addition to others recently suffered by companies in the sector, has forced Mango to alert customers of the data breach and notify the Data Protection Agency and Authorities.

The Spanish company stresses that the information exposed “is limited to personal contact details used in marketing campaigns: Exclusively first name (no surnames have been seen compromised), country, postal code, email address and telephone number.“ “Everything continues to function normally,“ added the company, which also stressed that the company’s infrastructure and corporate systems have not been compromised.

“In no case has banking information, credit cards, ID cards, passports or access credentials or customer passwords have been compromised,“ warned Mango, which has “immediately” activated its security protocols.“

Mango has pointed out that access “is limited to personal contact information”

Mango has also advised customers, pre-emptively, to pay attention to any “suspicious communications” or requests for unusual actions by both email and telephone.

Tendam was in September 2024 the last major Spanish company to suffer a hacker attack, with access to 720 gigabytes of information. The perpetrators of the attack demanded that the company pay 800,000 euros to prevent information from being leaked.

This same year, Hoff saw its customers’ data compromised, such as names and telephone numbers, as well as order histories, while in March El Corte Inglés reported unauthorized access, claiming to have detected the problem and that the information breached did not allow third parties to operate or make payments with their cards.

Marks&Spencers, Vitoria’s Secret, Adidas, The North Face, Decathlon, Dior, Cartier, Chanel, Kering and Clarins are just some of the brands on the long list of companies in the sector affected on an international scale by attacks by cybercriminals in recent months.

In 2025 alone, the estimated cost to companies of cyber-attacks will reach $10.5 billion, 300% more than a decade ago, according to the latest data from McKinsey.

In 2024, companies will spend approximately $200 billion on cybersecurity products and services, up from $140 billion in 2020. The third-party vendor cybersecurity market is forecast to grow 12.4% annually between 2024 and 2027, surpassing historical growth levels, as organizations look to reduce attacks.