Saturday, May 3, 2025
HomeCyber Security NewsBodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Published on

SIEM as a Service

Follow Us on Google News

Bodybuilding.com, the internet’s biggest online store and an online forum for fitness and bodybuilding enthusiasts, recently became aware of the Data Security Incident that impacted its IT systems and announced that some of their customer related information may have been accessed cause of this.

It is one of the internet’s most visited sites, which has over seven million registered users on its forum, and its website receives over 30 million visitors per month. The last time the site dealt with a major security issue was in 2008 and now in 2019.

How the Breach Occurred

Bodybuilding.com was hit by a security breach, which involved unauthorized access to their systems. The store became mindful of it in February 2019 and engaged the data security firms to conduct a thorough investigation on it.

- Advertisement - Google News

Investigation proved the unauthorized activity, which occurred due to a phishing email received in July 2018. Hackers used this data they obtained from the phishing email to access the company’s network in February 2019.

The company didn’t say when it detected the intrusion, but it said it concluded its investigation on April 12, and could not rule out that personal information may have been accessed or not.

Data Affected

The possible information that could have been accessed might be the Customer’s name, email address, billing/shipping addresses, phone number, order history, any communications with Bodybuilding.com, birthdate, and any information included in the BodySpace profile, says “BodyBuilding”.

The company confirms that Social Security numbers and payment card details were not exposed, says the Company, as the site never collected this information in the first place but it also declares that the last four digits of the payment card could have been disclosed as it is stored when a customer opts to save their card for future use.

“While the Company has no evidence that personal information was accessed or misused, Bodybuilding.com is notifying current and former employees who are group health plan enrolls and relevant dependents and beneficiaries, out of an abundance of caution,” Bodybuilding.com stated in a press release.

You can follow us on Linkedin, TwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read

Microsoft Hacked – Hackers Compromised The Microsoft Employee’s Account to Gain Access the Customers Email

540 Million Facebook Users Personal Data Exposed to the Public Internet

Latest articles

Subscription-Based Scams Targeting Users to Steal Credit Card Information

Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by...

RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists

SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often...

Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss

Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem...

Hundreds of Fortune 500 Companies Have Unknowingly Employed North Korean IT Operatives

North Korean nationals have successfully infiltrated the employee ranks of major global corporations at...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Subscription-Based Scams Targeting Users to Steal Credit Card Information

Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by...

RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists

SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often...

Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss

Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem...