Mango hit by data breach as fashion cyberattacks continue to rise
Mango has confirmed that a third-party supplier suffered unauthorised access to "certain" customer data, marking the latest in a wave of cyber incidents hitting the fashion brands and retailers.
The Spanish fashion giant said the breach occurred via a marketing services provider in Spain and affected personal data. This included first names, countries, postal codes, email addresses and telephone numbers.
Mango told TheIndustry.fashion that its own operations and systems remain unaffected, and that no banking information, credit card details or passwords were compromised in the data breach.
Customers can continue to shop safely via Mango’s website, app and stores, the retailer said. The company has activated all security protocols and will notify the UK’s Information Commissioner’s Office within 24 hours. A dedicated mailbox ([email protected]) has been set up for customer inquiries.
While the breach appears contained, it highlights the fashion industry’s growing exposure to cyber crime.
In recent months, a string of high-profile brands have been targeted, including Marks & Spencer, Kering, Cartier, The North Face, H&M, Adidas, Harrods and Louis Vuitton. Many of these incidents involved unauthorised access to customer data and temporary service disruption, though financial details were often spared.
The timing of Mango’s breach comes just a day after the UK government urged retail leaders to take "immediate action" to strengthen their cyber defences. Technology Secretary Liz Kendall and Chancellor Rachel Reeves were among several ministers who signed letters to FTSE 350 bosses, warning that the number of major cyber incidents had more than doubled year-on-year, with the National Cyber Security Centre (NCSC) handling 204 nationally significant attacks in the 12 months to August 2025.
Kendall said: "We’ve seen first-hand the disruption caused by cyber attacks on major British companies, hitting their bottom line and putting jobs at risk… Cyber security is an issue that demands leadership both from chief executives and right across the boardroom."
The NCSC’s Chief Executive, Richard Horne, added that "cyber security is now a matter of business survival and national resilience," urging firms to take urgent steps to harden their systems and supply chains.
