Thursday, March 28, 2024

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Bodybuilding.com, the internet’s biggest online store and an online forum for fitness and bodybuilding enthusiasts, recently became aware of the Data Security Incident that impacted its IT systems and announced that some of their customer related information may have been accessed cause of this.

It is one of the internet’s most visited sites, which has over seven million registered users on its forum, and its website receives over 30 million visitors per month. The last time the site dealt with a major security issue was in 2008 and now in 2019.

How the Breach Occurred

Bodybuilding.com was hit by a security breach, which involved unauthorized access to their systems. The store became mindful of it in February 2019 and engaged the data security firms to conduct a thorough investigation on it.

Investigation proved the unauthorized activity, which occurred due to a phishing email received in July 2018. Hackers used this data they obtained from the phishing email to access the company’s network in February 2019.

The company didn’t say when it detected the intrusion, but it said it concluded its investigation on April 12, and could not rule out that personal information may have been accessed or not.

Data Affected

The possible information that could have been accessed might be the Customer’s name, email address, billing/shipping addresses, phone number, order history, any communications with Bodybuilding.com, birthdate, and any information included in the BodySpace profile, says “BodyBuilding”.

The company confirms that Social Security numbers and payment card details were not exposed, says the Company, as the site never collected this information in the first place but it also declares that the last four digits of the payment card could have been disclosed as it is stored when a customer opts to save their card for future use.

“While the Company has no evidence that personal information was accessed or misused, Bodybuilding.com is notifying current and former employees who are group health plan enrolls and relevant dependents and beneficiaries, out of an abundance of caution,” Bodybuilding.com stated in a press release.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read

Microsoft Hacked – Hackers Compromised The Microsoft Employee’s Account to Gain Access the Customers Email

540 Million Facebook Users Personal Data Exposed to the Public Internet

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles