Overview
- Basic-Fit disclosed Monday that a hack exposed data on roughly 1 million members across Europe, including about 200,000 in the Netherlands.
- The gym chain says leaked records include membership details, names, addresses, emails, phone numbers, birthdates, bank account numbers, and recent club visit logs from its check-in system.
- Booking.com said unauthorized parties accessed contact details and some booking information, and a spokesperson said no payment data or customer addresses were taken.
- Both companies notified customers and the Dutch privacy regulator and issued alerts about targeted phishing that may cite exact booking amounts or gym visits to build trust.
- Security experts and privacy advocates urged stronger oversight and routine checks, warning attackers are getting more skilled and that combined leaks can power scams such as vacation fraud or identity abuse.