Overview
- Mango notified affected customers on October 14 after detecting unauthorized access at an external marketing service.
- The exposed data is limited to first name, country, postal code, email address, and telephone number.
- The company says its corporate systems were not compromised and that banking data, IDs, and login credentials were not affected.
- Mango activated security protocols, reported the incident to Spain’s AEPD, and opened support channels at personaldata@mango.com and 900 150 543.
- No threat group has claimed responsibility, and the case comes during a wider wave of attacks on fashion and retail firms.