Dutch fitness chain Basic-Fit has revealed that hackers gained unauthorized access to its systems, exposing personal data belonging to roughly one million members across Europe.
The company, which operates more than 1,700 clubs and over 430 franchises in 12 countries, said the breach affected users in nations including the Netherlands, Belgium, Luxembourg, France, Spain, and Germany.
According to a notice published by the company, the intrusion targeted a system used to track member visits to its gyms. Basic-Fit said the breach was detected quickly through its monitoring systems and stopped within minutes. Despite the rapid response, an internal investigation conducted with external cybersecurity experts confirmed that some member data had already been extracted.
The compromised information includes names, home addresses, email addresses, phone numbers, dates of birth, bank account details, and other membership-related data. However, the company emphasized that no identification documents or account passwords were accessed. It also clarified that franchise customer data remains unaffected because it is stored in a separate system.
Basic-Fit has reported the incident to the relevant data protection authorities and has directly notified impacted members. While the company stated that around 200,000 users in the Netherlands were affected, a spokesperson later indicated the total number of impacted individuals across Europe is closer to one million. The company serves approximately five million members in total.
Although there is currently no evidence that the stolen data has been published online, Basic-Fit says it will continue monitoring the situation with the assistance of external experts. Under European data retention regulations, the company is required to delete personal and membership data after two years automatically.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
