Total Fitness Data Breach
The fitness group Total Fitness have revealed to their members that they recently experienced a sophisticated data breach.
In an email sent to members on 19 February, Total Fitness confirmed that the attack was carried out by an international organised cyber-crime network, who were able to access information containing a subset of private data from June 2018.
The data compromised in the breach is said to include scanned copies of membership agreements, names, bank account and sort code details. The email from Total Fitness did note that data such as usernames, passwords and credit card information were not compromised.
The email went on to disclose that the financial information compromised “is listed in isolation and is not linked with any other identifying information such as email addresses or postal addresses.
“On its own, it is extremely unlikely that this data could be exploited in such a way that would lead to any financial loss.”
In response to the breach, Total Fitness have claimed that all of their systems were immediately locked down before being migrated to a new ‘clean’ environment.
Total Fitness also added that they are: “continuously with the relevant law enforcement agencies and cyber forensic experts to investigate the incident and support their pursuit of offenders who target businesses in this way, something that is sadly becoming more frequent globally.”
While Total Fitness have suggested that the information compromised in the data breach is unlikely to lead to direct financial loss, it is still possible that the information can used for fraudulent purposes, or malicious intent.
Hayes Connor is already acting for clients who have been affected by the Total Fitness data breach and are ready to advise anyone else who may have been impacted.
Wondering if you may be entitled to compensation for the Total Fitness data breach? Please get in touch.