Basic-Fit, the largest gym and fitness chain in Europe, has revealed a data breach that has compromised the personal information of approximately 1 million members.
In a press release issued on Monday, the company, based in the Netherlands, reported that it recently discovered unauthorized access to its systems.
Although the breach was contained within minutes, an investigation showed that data from active members in multiple countries had been downloaded by the attacker.
The compromised data includes names, email addresses, physical addresses, phone numbers, birth dates, and bank account information.
“Basic-Fit does not store identification documents of members, and no passwords were compromised,” the gym chain stated.
With over 5 million members and 1,500 clubs throughout Europe, Basic-Fit indicated in its release that around 200,000 members from the Netherlands were affected.
However, the company informed cybersecurity researchers that the total number of impacted individuals is closer to 1 million, including those in Spain, Germany, France, Belgium, and Luxembourg.
The identity of the attackers remains unknown. No ransomware group has claimed responsibility for the breach, and the company stated it is not aware of any data being leaked or misused. For more information on similar incidents, refer to Daily Breach Intelligence.
In light of this incident, organizations are reminded to stay vigilant and implement robust cybersecurity measures, as outlined by CISA.
