Overview

• Mango notified shoppers by email on Tuesday after hackers accessed data via an external marketing service provider.
• Exposed information was limited to first name, country, postcode, email address and phone number, with no bank details, IDs or passwords taken.
• The company reported the incident to Spain’s Data Protection Authority and said stores and online services are operating normally.
• Mango has not named the marketing vendor or disclosed how many customers were affected, and it urged caution over suspicious emails and phone calls.
• Analysts warn that third‑party suppliers remain a key weak point for retailers and that such data can power convincing phishing and impersonation attempts.