The Spanish textile group Tendam, which owns brands such as Women’secret, Springfield, Cortefiel, Pedro del Hierro or Hoss Intropia, among others, has recognized that the cyberattack it suffered on September 5 led to access to certain personal data of members of the group’s loyalty clubs, including the DNI.
Concretely, as the company reported in an email addressed to members of loyalty clubs, this attack could have affected some of the personal data provided for the management of membership to Club Cortefiel, Club WOW or Club Springfield (first and last name, identifier or contact details such as postal address, email and/or telephone). Financial information, such as credit card numbers or other payment methods, has not been affected, the company assures. Neither are user passwords.
Tendam says that since the day it suffered the cyber attack, “it has worked to determine the extent of the incident and strengthen its cybersecurity measures to ensure that such situations do not recur.” The textile group tells its partners that it has “immediately” adopted the necessary security measures, while reporting the incident to the competent authorities, including the Spanish Data Protection Agency.
The company has asked loyalty club members to be, in this situation, attentive to communications from third parties that could arrive through channels whose contact details have been stolen by cybercriminals. This is the use that the data stolen in this type of leak generally makes: to serve as a platform for electronic scams which have multiplied in Spain in recent years.
“We ask you to be attentive to atypical or suspicious communications that are linked to your personal data and to be wary of emails, calls, SMS or WhatsApp messages whose sender has not been identified. Do not give out your access codes or bank details and be particularly careful with links in electronic messages, WhatsApp or SMS,” recalls the communication.
