Basic-Fit hack compromises data of up to 1 million members

Basic-Fit, a European gym chain, disclosed that hackers breached one of its internal systems, exposing members’ personal data in several countries. The company operates more than 2,150 clubs in 12 countries under two brands, with more than 5.8 million members.

“The unauthorised access was detected by our system monitoring processes and was stopped within minutes of discovery. The members whose data is involved have been informed,” the company said in a statement.

An investigation by external security experts found that some data from its systems was downloaded. The data includes membership information, names and addresses, email addresses, phone numbers, dates of birth and bank account details.

In its public disclosure, the company said around 200,000 members in the Netherlands were affected. However, Dutch media report about 1 million members were impacted in the Netherlands, Belgium, Luxembourg, France, Spain and Germany.

According to Basic-Fit, passwords and identification documents were not accessed, with no evidence so far of misuse or public exposure.

The company has notified impacted members by email, warning them to be on the lookout for phishing attempts, and noted it “continues to monitor the issue closely.”