Basic-Fit, Europe’s largest gym and fitness chain, has disclosed a data breach affecting the personal information of roughly 1 million members.
In a press release published on Monday, the Netherlands-based company said it recently detected unauthorized access to systems.
While the intrusion was blocked within minutes, an investigation revealed that data belonging to active members in several countries had been downloaded by the hacker.
Compromised information includes names, email addresses, physical addresses, phone numbers, dates of birth, and bank account details.
“Basic-Fit does not hold identification documents of members and no passwords were accessed,” the gym chain said in a statement.
Basic-Fit, which has over 5 million members and 1,500 clubs across Europe, said in its press release that roughly 200,000 members from the Netherlands are affected.
However, it has told SecurityWeek that a total of approximately 1 million members are affected, including in Spain, Germany, France, Belgium, and Luxembourg.
It’s unclear who is behind the attack. No known ransomware group has taken credit for the hack and the company said it’s not aware of the data being leaked or misused.
*updated with direct confirmation from Basic-Fit to SecurityWeek of the number of impacted individuals
Related: Nightclub Giant RCI Hospitality Reports Data Breach
