Basic-Fit also hacked; data from 200,000 members leaked
Hackers are on a rampage and have stolen data from a total of 1 million members.
Published on April 13, 2026
Unsplash
Masterstudente journalistiek aan de RUG, stagiair bij IO+, schrijft graag over de integratie van AI in het dagelijks leven
The fitness chain Basic-Fit has been hit by a major data breach. Member data from people who work out at the chain has been leaked in several countries. According to Basic-Fit, approximately 200,000 members in the Netherlands are affected. Recently, several companies in the Netherlands have fallen victim to hackers. For example, mobile, fiber-optic, and TV provider Odido and healthcare provider Chipsoft were also targeted by various hackers.
The data includes membership information, names and addresses, email addresses, phone numbers, dates of birth, and bank account details. Basic-Fit does not store members’ identification documents, and no passwords were accessed.
“My initial reaction to an email like that is a slight panic about my personal information, then it turns into suspicion because it looks like a phishing email to me, and then I realize that this is real,” says Kylan Hofman, a member at Basic-Fit. “It doesn’t exactly inspire confidence that this is happening to a major chain.”
System that tracks visits hacked
The gym has notified the Dutch Data Protection Authority of unauthorized access to the system that tracks members’ visits to fitness clubs. This system contains data from the various countries where Basic-Fit operates. In addition to the Netherlands, these include Belgium, France, Spain, Luxembourg, and Germany. It is unknown how many people have been affected.
The attack was detected by the company’s system monitoring. Basic-Fit stopped the attack within minutes, but by then a significant amount of data had already been downloaded. It is not yet known whether the data has been further distributed or misused.
Basic-Fit email © Amber van Kempen
Phishing with stolen data
Basic-Fit is informing affected members that they do not need to take any further action. Hackers can use the stolen information to send phishing emails, the gym advises athletes to be vigilant about this. With the data they have, they can appear convincing and thus steal more information from individual members.
“It’s pretty serious that they’ve lost so much data, especially banking information. At the same time, their email sounds understated and calm, even though it’s actually quite a serious breach,” said Hofman. “They did report it fairly quickly and communicated transparently, which is a positive point.”