Basic‑Fit data breach
Basic‑Fit said a data breach exposed information tied to about 1 million members, including roughly 200,000 in the Netherlands. (reuters.com) French reports say the stolen information included banking details and that customers in six countries — including France — were affected. (valeursactuelles.com)
Basic-Fit says hackers downloaded personal and banking data tied to about 1 million gym members across six European countries. (finance.yahoo.com) (theregister.com) The company disclosed the breach on Monday, April 13, and said about 200,000 affected members were in the Netherlands. It said the stolen data included names, contact details, dates of birth and bank account details. (finance.yahoo.com) (wkzo.com) Basic-Fit told customers the intrusion hit the system that records members’ visits to clubs. The company said its monitoring tools detected the unauthorized access and stopped it within minutes, but not before data was downloaded. (theregister.com) (dutchnews.nl) The scope matters because Basic-Fit is one of Europe’s biggest low-cost gym operators, with 4.82 million memberships in its owned clubs at the end of 2025 and operations in 12 countries. A breach in a central member system can therefore spill across borders quickly. (corporate.basic-fit.com) (finance.yahoo.com) Basic-Fit said the affected countries were the Netherlands, Belgium, Luxembourg, France, Spain and Germany. It also said all six were exposed through the same system rather than through separate national databases. (theregister.com) The company said no passwords were accessed and that it does not store copies of members’ identity documents. It told customers it was not aware, for now, of the stolen data being posted online or offered for sale. (finance.yahoo.com) (theregister.com) Basic-Fit said it notified the relevant Dutch data protection authority and contacted affected members directly. Its customer warning focused on phishing, telling people to treat unexpected emails and messages with caution. (theregister.com) (dutchnews.nl) The breach did not include the company’s franchise network, which uses a separate system, and it did not involve Clever Fit branches acquired by Basic-Fit in October 2025. The company said outside specialists are investigating who got in and how. (dutchnews.nl) (theregister.com) For members, the immediate problem is not gym access but the mix of bank details, birth dates and contact data now in criminal hands. Basic-Fit’s next test is whether it can contain follow-on scams after stopping the breach itself. (finance.yahoo.com) (theregister.com)
