The Spanish multinational fashion retailer, Mango, has announced it was impacted by a data breach after one of its external marketing service providers suffered a security incident. In a notification dated October 14, 2025, the company confirmed that the incident resulted in unauthorized access to certain customer data.
Mango has stated that its internal infrastructure and corporate systems were not compromised and that business operations are continuing as normal. The company has informed the Spanish Data Protection Agency (AEPD) and other relevant authorities about the situation.
According to the company’s official statement, the breach was limited to personal contact information used in marketing campaigns. Mango emphasized that no financial data or account credentials were exposed. The compromised information includes:
- First name (last names were not compromised)
- Country
- Postal code
- Email address
- Telephone number
