Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Spanish fashion retailer MANGO disclosed a data breach

Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information. Mango is a global fashion brand founded in Barcelona in 1984, it has over 2,850 stores in 120 countries and 16,400 employees. In 2024, it reported €3.3 billion in revenue and €219 million in profit. Online sales account […]

mango

Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information.

Mango is a global fashion brand founded in Barcelona in 1984, it has over 2,850 stores in 120 countries and 16,400 employees. In 2024, it reported €3.3 billion in revenue and €219 million in profit. Online sales account for about one-third of total revenue. Key markets include Spain, France, and the United States.

The Spanish fashion disclosed a data breach after its marketing vendor was compromised, exposing customer personal data. The company sent data breach notifications to the impacted customers on October 14, 2025.

Compromised data includes first name, country, postal code, email address, and phone number. The company pointed out that the security breach did not affect sensitive data such as banking details, ID/passport, login credentials, and passwords. The incident did not impact the company’s internal systems. The company notified the Spanish Data Protection Agency (AEPD).

“In line with our commitment to the security and privacy of our customers, MANGO would like to inform you that one of our external marketing services suffered unauthorized access to certain customers’ personal data.” reads the data breach notification.

“The exposed information is limited to personal contact data used in marketing campaigns: exclusively your first name (your last name was not compromised), country, postal code, email address, and phone number. We want to assure you that everything continues”

Mango
Source X @venarix

At the time of this writing, no ransomware groups have claimed responsibility for the attack on MANGO.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, fashion retailer)