What customer information was exposed in the MANGO breach?

MANGO claims that only non-sensitive information used for marketing purposes was exposed, including first names (excluding surnames), country, postal code, email addresses, and phone numbers. The company states that more sensitive data such as banking details, passwords, and full names were not compromised.

How many MANGO customers were affected by the data breach?

The number of affected individuals has not been disclosed by MANGO. The company sent data breach notifications to its affected customers on October 14, 2025, but has not publicly stated the total number of people impacted.

When did MANGO notify customers about the data breach?

MANGO sent data breach notifications to its affected customers on October 14, 2025. The company also notified the Spanish Data Protection Agency (AEPD) and relevant authorities about the breach.

Was MANGO's main system compromised in the breach?

No, MANGO claims that the breach was limited to systems managed by an unnamed third-party marketing vendor. The company states that MANGO's core infrastructure and corporate systems were not impacted by the security incident.

What should MANGO customers watch out for after the breach?

MANGO warned customers to be cautious of unexpected emails or phone calls requesting unusual actions or soliciting personal information. The company reminded customers that MANGO will never request banking details or passwords through email or phone communications. Customers should be alert for potential phishing attempts that may use the exposed information.

Were credit card details or passwords exposed in the MANGO breach?

No, according to MANGO, credit card details and passwords were not exposed in the breach. The company stated that only non-sensitive marketing information was compromised, including first names, country, postal code, email addresses, and phone numbers. MANGO emphasized that they will never request banking details or passwords through email or phone.

Has MANGO reported the breach to authorities?

Yes, MANGO has notified the Spanish Data Protection Agency (AEPD) and relevant authorities about the breach. The company sent data breach notifications to affected customers on October 14, 2025, in compliance with data protection regulations.

What caused the MANGO data breach?

The breach occurred due to unauthorized access at one of MANGO's external marketing service providers. The company has not disclosed the identity of the third-party vendor or the specific nature of how the unauthorized access occurred, but stated that only the vendor's systems were affected, not MANGO's core infrastructure.

Incident

Fashion retailer MANGO reports data breach through third-party marketing vendor

Q: What happened with the MANGO data breach?

Spanish fashion company MANGO experienced a data breach exposing customer personal information after unauthorized access occurred at one of its external marketing service providers. The company claims the breach was limited to systems managed by an unnamed third-party marketing vendor, and that MANGO's core infrastructure and corporate systems were not impacted.

Q: How can MANGO customers get help regarding the data breach?

MANGO has established a dedicated email address (personaldata@mango.com) and telephone hotline (900 150 543) to support customers concerned about the potential exposure from this incident. Customers can use these contact methods to get information and assistance.

published: Oct. 15, 2025

Learn More

Spanish fashion company MANGO is reporting a data breach exposing customer personal information after unauthorized access at one of its external marketing service providers.

The company claims that the breach was limited to systems managed by an unnamed third-party marketing vendor, and that MANGO's core infrastructure and corporate systems are not impacted.

MANGO claims that only non-sensitive information used for marketing purposes was exposed, including

First names (excluding surnames)
Country
Postal code
Email addresses
Phone numbers

The number of affected individuals is not disclosed. On October 14 the company sent data breach notifications to its customers, and has notified the Spanish Data Protection Agency (AEPD) and relevant authorities about the breach. A dedicated email address (personaldata@mango.com) and telephone hotline (900 150 543) have been established to support customers concerned about the potential exposure from this incident.

MANGO warned customers to be cautious of unexpected emails or phone calls requesting unusual actions or soliciting personal information. The company reminded customers that MANGO will never requests banking details or passwords through email or phone communications.

Fashion retailer MANGO reports data breach through third-party marketing vendor

Read More
Dunn Bros. coffee locations hit by data breach …
Sutter North Surgery impacted by a data breach …
Coupang reports data breach exposing personal data of …
California Public Employees' Retirement System third-party data breach …
Community Trust Bank reports MOVEit related data breach