A criminal data breach has compromised member and employee information at Sats, Norway’s largest fitness chain, the company confirmed on Wednesday. The incident, initially disclosed on March 24 as unauthorized access to parts of its IT systems, has now been classified as a deliberate cyberattack and reported to authorities.
Sats CEO Sondre Gravir described the breach as serious in a stock exchange filing, emphasizing the company’s commitment to assessing its full impact and mitigating further risks. "We take this very seriously," Gravir stated. "We are working hard to clarify the scope of the breach, limit the consequences, and have implemented necessary measures to reduce the risk further."
Affected Data and Company Response
While the full extent of the breach remains under investigation, Sats has confirmed that both member records and employee data were accessed. The company has not yet disclosed whether financial information was compromised. Authorities, including the Norwegian Data Protection Authority, have been notified as required by law.
Sats has begun notifying affected individuals and is offering support, including credit monitoring services, to those potentially impacted. The company has also temporarily suspended certain IT systems as part of its containment efforts.
Broader Implications for the Fitness Industry
This breach highlights growing cybersecurity risks across the fitness and wellness sector, where member data—often including sensitive health and payment details—is a prime target for cybercriminals. Earlier this year, similar incidents were reported by other major chains, underscoring the need for robust data protection measures in an increasingly digital industry.
Industry analysts warn that companies must prioritize cybersecurity, not only to protect customer trust but also to comply with stringent European data regulations like the GDPR. Failure to do so can result in severe financial penalties and reputational damage.
Next Steps and Ongoing Investigation
Sats has engaged cybersecurity experts to conduct a forensic analysis and strengthen its defenses. The company expects to release further updates within the coming weeks as the investigation progresses. Customers and employees are advised to monitor communications from Sats and remain vigilant against potential phishing attempts or identity theft.
Read more: e24.no