Basic-Fit was impacted by a cyberattack that affected members in several countries, with 200,000 of them located in the Netherlands.
The breach revealed names, addresses, email addresses, phone numbers, dates of birth, and bank account information. No passwords or identity documents were compromised. The Dutch Data Protection Authority has been informed. Basic-Fit operates over 1,300 fitness clubs across seven European nations.
Basic-Fit, the largest budget fitness chain in Europe by the number of clubs, has reported a data breach affecting members in several countries, including around 200,000 individuals in the Netherlands whose data was compromised. The company confirmed that it notified the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) after discovering unauthorized access to the system used for tracking member visits to its gyms.
The exposed data comprises membership details, names, home addresses, email addresses, phone numbers, dates of birth, and bank account information. Basic-Fit asserted that it does not store identity documents, such as passports or driving licenses, and that no passwords were compromised in the breach.
The attack specifically targeted the club check-in and visit-registration system, which records member access via turnstiles at each site. Basic-Fit operates in seven European countries: the Netherlands, Belgium, Luxembourg, France, Spain, Germany, and Austria.
The presence of bank account information in the leaked data is a major concern for affected members. Combined with names and dates of birth, IBAN numbers and banking details can enable SEPA direct debit fraud and financial impersonation. Basic-Fit's privacy policy indicates that the company collects bank account numbers from all members during the subscription process to manage recurring membership payments.
Affected members are advised to closely monitor their accounts and remain vigilant against phishing attempts that may leverage the exposed personal information to appear legitimate.
This breach comes at a challenging time for data security in the Netherlands. In February 2026, telecom operator Odido, formerly T-Mobile Netherlands, experienced what cybersecurity experts termed one of the largest data breaches in Dutch history, exposing the personal data of around 6.2 million customer accounts through an attack on its customer relationship management system. The data exposed in the Odido incident included IBAN numbers, passport information, and dates of birth. While the Basic-Fit breach is significantly smaller, it follows a similar trend of attacks targeting systems that contain large amounts of customer identity and financial data.
