Back

Data Breach at Basic-Fit Exposes Personal and Bank Information of Nearly One Million Members

Severity: High (Score: 64.5)

Sources: www.ladepeche.fr, www.eldiario.es

Summary

Basic-Fit, a low-cost gym chain, reported a significant data breach affecting approximately one million members across Europe, including customers from Spain, France, Germany, and the Netherlands. The breach, which occurred on April 8, 2026, involved unauthorized access to a system that records member visits, leading to the theft of personal data such as names, addresses, email addresses, phone numbers, birth dates, and bank account details. Basic-Fit confirmed that no passwords were compromised and that the breach was quickly contained after detection. The company has informed affected members and advised them to be vigilant against potential phishing attempts. The breach highlights the risks associated with personal data accumulation and the potential for subsequent financial fraud. Basic-Fit operates over 2,150 clubs and serves 5.8 million members across twelve countries. The company emphasized the importance of resilience in cybersecurity, acknowledging that complete security is unattainable. Key Points: • Approximately one million Basic-Fit members' personal and bank data were stolen. • The breach occurred on April 8, 2026, through unauthorized access to a member visit recording system. • Basic-Fit has advised affected members to be cautious of phishing attempts following the breach.

Key Entities

  • Data Breach (attack_type)
  • Phishing (attack_type)
  • Basic-Fit (company)
  • Alemania (country)
  • España (country)
  • France (country)
  • Francia (country)
  • Luxembourg (country)
  • eldiario.es (domain)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1566 - Phishing (mitre_attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed