The data breach at Basic-Fit affects a total of 1 million of the 5.8 million members. It was previously announced that data from 200,000 people had been stolen in the Netherlands, but the Hoofddorp-based chain is also in five other countries. Basic-Fit says it has informed everyone who has been affected.
The hack took place in the system that contains all data from the various Basic-Fit countries. In addition to the Netherlands, this also includes Belgium, France, Spain, Luxembourg and Germany and concerns information about club details of the members. This concerns membership information, name and address details, e-mail addresses, telephone numbers, dates of birth and bank account details. According to the company, no passwords or information such as height and weight were viewed.
Basic-Fit has informed the Dutch Data Protection Authority (AP) of the unauthorized access to the system that registers visits by members to its fitness clubs. This unauthorized access was discovered by the company’s system monitoring. According to Basic-Fit, the attack was stopped within minutes of discovery.
The company does not share exactly when the attack took place in the ongoing investigation. According to research, the data has not yet been placed online anywhere or has already been misused, the fitness chain reports. Basic-Fit has announced that it will continue to closely monitor the issue together with external specialists.