Hackers have gained access to Basic-Fit’s customer data. The Dutch fitness chain announced this on Monday morning. According to a spokeswoman, the data of 1 million members has been stolen.
The leaked data concerns members from “various countries”, she said. It includes names, addresses, email addresses, telephone numbers, dates of birth and bank details.
Data from Belgian members has also been stolen, a spokeswoman confirmed. She was unable to provide a specific figure.
Across the six countries where Basic-Fit operates under its own brand – the Netherlands, Belgium, France, Spain, Luxembourg and Germany – the breach affects a total of 1 million members out of a total of approximately 5 million. Specifically for the Netherlands, the chain announced that 200,000 customers have been affected.
Basic-Fit has not disclosed exactly when the hack took place. However, the spokesperson confirmed that a report has now been filed with the Dutch Data Protection Authority, the country’s privacy watchdog, as required within 72 hours.
The company says the hack was stopped "within minutes" of being discovered. By that point, the data of around a fifth of customers had been downloaded from the system. Basic-Fit emphasises that it does not store identity documents and that no passwords were compromised.
Basic-Fit, including the recently acquired Clever Fit, has more than 2,150 fitness centres with over 5.8 million members across twelve European countries. According to the spokesperson, the chain has 236 branches in Belgium.
This story was updated.
