{“lastseen”:”2025-10-16T12:05:37″,”description”:”Mango has reported a data breach at one of its external marketing service providers. The Spanish fashion retailer says that only personal contact information has been exposed\u2014no financial data.\\n\\nThe breach took place at the service provider and did not affect Mango\u2019s own systems. According to the breach notification, the stolen information was limited to:\\n\\n * First name (not your last name)\\n * Country\\n * Postal code\\n * Email address\\n * Telephone number\\n\\n\\n\\n\\u003e \u201cUnder no circumstances has your banking information, credit cards, ID\/passport, or login credentials or passwords been compromised.\u201d\\n\\nBecause Mango operates in more than 100 countries, affected individuals could be located across multiple regions where Mango markets to customers through its external partner. As Mango has not named the third-party provider or disclosed how many customers were affected, we cannot precisely identify where these customers are located.\\n\\nMango has not released any details about the attackers behind the breach. Although the stolen data itself does not pose an immediate risk, cybercriminals often follow breaches like this with phishing campaigns, exploiting the limited personal information they obtained. \\n\\nWe\u2019ll update this story if Mango releases more information about the breach or the customers impacted.\\n\\n## **Protecting yourself after a data breach**\\n\\nAffected customers say they have received a data breach notification of which we have seen screenshots in Spanish and English.\\n\\nIf you think you have been the victim of a data breach, here are steps you can take to protect yourself:\\n\\n * **Check the vendor\u2019s advice.** Every breach is different, so check with the vendor to find out what\u2019s happened and follow any specific advice it offers.\\n * **Change your password.** You can make a stolen password useless to thieves by changing it. Choose a strong password that you don\u2019t use for anything else. Better yet, let a password manager choose one for you.\\n * **Enable ****two-factor authentication (2FA****).** If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can\u2019t be phished.\\n * **Watch out for fake vendors.** The thieves may contact you posing as the vendor. Check the company\u2019s website to see if it\u2019s contacting victims and verify the identity of anyone who contacts you using a different communication channel.\\n * **Take your time.** Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.\\n * **Consider not storing your card details**. It\u2019s definitely more convenient to let sites remember your card details, but we highly recommend not storing that information on websites.\\n * **Set up ****identity monitoring** , which alerts you if your personal information is found being traded illegally online and helps you recover after.\\n\\n\\n\\n## Check your digital footprint\\n\\nMalwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it\u2019s best to give the one you most frequently use) to our free Digital Footprint scan and we\u2019ll give you a report and recommendations.\\n\\nSCAN NOW”,”published”:”2025-10-16T10:49:27″,”modified”:”2025-10-16T10:49:27″,”type”:”malwarebytes”,”title”:”Mango discloses data breach at third-party provider”,”source”:””,”references”:””,”id”:”MALWAREBYTES:D2B5B1A9092891B6DC7E61F6F28C7B2A”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/10\/mango-discloses-data-breach-at-third-party-provider”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-10-16T12:05:37″,”description”:”Mango has reported a data breach at one of its external marketing service providers. The Spanish fashion retailer says that only personal contact information has…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-22049","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n