By
DPA
Published
October 16, 2025
Cybercriminals have stolen large volumes of personal data from customers of the Spanish fashion group Mango. According to an email sent to those affected, an external marketing service provider detected unauthorised access to certain personal data of customers, including those in Germany.
First name, email address, telephone number
Mango stressed that its own systems were not compromised and that its security measures are functioning as normal. Through the external service provider, the hackers gained access to data such as first name, country, postcode, email address and telephone number. Surnames, bank details and passwords were not accessed.
Mango said it had notified the Spanish Data Protection Agency (AEPD) about the situation and immediately activated its security protocols. The company advises its customers to be alert to suspicious communications, whether by email or telephone. Following similar incidents, cybercriminals have attempted to use victims’ data for phishing attacks.
Caution: risk of phishing attacks
Phishing is an online scam in which criminals attempt to steal sensitive data such as passwords or bank details by impersonating a trusted person or institution, for example via a fake email or website.
The data leak at Mango is another incident in a long series of cyber attacks on retailers and fashion chains. Mango is an international fashion group headquartered in Plegamans near Barcelona. The company is one of the world’s largest retailers of womenswear and menswear, as well as accessories, worldwide.
This article is an automatic translation.
