Wednesday, May 21, 2025
HomeCyber Security NewsBodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Published on

SIEM as a Service

Follow Us on Google News

Bodybuilding.com, the internet’s biggest online store and an online forum for fitness and bodybuilding enthusiasts, recently became aware of the Data Security Incident that impacted its IT systems and announced that some of their customer related information may have been accessed cause of this.

It is one of the internet’s most visited sites, which has over seven million registered users on its forum, and its website receives over 30 million visitors per month. The last time the site dealt with a major security issue was in 2008 and now in 2019.

How the Breach Occurred

Bodybuilding.com was hit by a security breach, which involved unauthorized access to their systems. The store became mindful of it in February 2019 and engaged the data security firms to conduct a thorough investigation on it.

- Advertisement - Google News

Investigation proved the unauthorized activity, which occurred due to a phishing email received in July 2018. Hackers used this data they obtained from the phishing email to access the company’s network in February 2019.

The company didn’t say when it detected the intrusion, but it said it concluded its investigation on April 12, and could not rule out that personal information may have been accessed or not.

Data Affected

The possible information that could have been accessed might be the Customer’s name, email address, billing/shipping addresses, phone number, order history, any communications with Bodybuilding.com, birthdate, and any information included in the BodySpace profile, says “BodyBuilding”.

The company confirms that Social Security numbers and payment card details were not exposed, says the Company, as the site never collected this information in the first place but it also declares that the last four digits of the payment card could have been disclosed as it is stored when a customer opts to save their card for future use.

“While the Company has no evidence that personal information was accessed or misused, Bodybuilding.com is notifying current and former employees who are group health plan enrolls and relevant dependents and beneficiaries, out of an abundance of caution,” Bodybuilding.com stated in a press release.

You can follow us on Linkedin, TwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read

Microsoft Hacked – Hackers Compromised The Microsoft Employee’s Account to Gain Access the Customers Email

540 Million Facebook Users Personal Data Exposed to the Public Internet

Latest articles

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement...

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced...

More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads

The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as...

RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances

Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed "RedisRaider," specifically targeting...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement...

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced...

More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads

The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as...