Monday, September 9, 2024
HomeCyber Security NewsBodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Published on

Bodybuilding.com, the internet’s biggest online store and an online forum for fitness and bodybuilding enthusiasts, recently became aware of the Data Security Incident that impacted its IT systems and announced that some of their customer related information may have been accessed cause of this.

It is one of the internet’s most visited sites, which has over seven million registered users on its forum, and its website receives over 30 million visitors per month. The last time the site dealt with a major security issue was in 2008 and now in 2019.

How the Breach Occurred

Bodybuilding.com was hit by a security breach, which involved unauthorized access to their systems. The store became mindful of it in February 2019 and engaged the data security firms to conduct a thorough investigation on it.

- Advertisement - EHA

Investigation proved the unauthorized activity, which occurred due to a phishing email received in July 2018. Hackers used this data they obtained from the phishing email to access the company’s network in February 2019.

The company didn’t say when it detected the intrusion, but it said it concluded its investigation on April 12, and could not rule out that personal information may have been accessed or not.

Data Affected

The possible information that could have been accessed might be the Customer’s name, email address, billing/shipping addresses, phone number, order history, any communications with Bodybuilding.com, birthdate, and any information included in the BodySpace profile, says “BodyBuilding”.

The company confirms that Social Security numbers and payment card details were not exposed, says the Company, as the site never collected this information in the first place but it also declares that the last four digits of the payment card could have been disclosed as it is stored when a customer opts to save their card for future use.

“While the Company has no evidence that personal information was accessed or misused, Bodybuilding.com is notifying current and former employees who are group health plan enrolls and relevant dependents and beneficiaries, out of an abundance of caution,” Bodybuilding.com stated in a press release.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read

Microsoft Hacked – Hackers Compromised The Microsoft Employee’s Account to Gain Access the Customers Email

540 Million Facebook Users Personal Data Exposed to the Public Internet

Latest articles

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...