Breach Report · Belgium
Belgian Sports/Fitness Chain Allegedly Breached Exposing 105K Customer Records With IBAN Data
A threat actor claims to be selling a customer database from a Belgian sports/fitness business (gym branding visible in the post as “ANIMO”), advertising it as containing 105,000 customers with full IBAN banking details. The seller is offering tiered pricing with $90 per 1,000 customers or $8,500 for the full dataset.
Post details
Actor(s)shabat
SectorSports / Fitness (gyms)
TypeData Sale
FormatJSON
Price$90 per 1K customers / $8,500 for full database
Records~105,000
CountryBelgium
Date06/05/2026
Compromised data
- Customer ID and customer number
- First name, last name, date of birth, age, gender
- Customer status and card number
- Street, house number, ZIP, city
- Email address
- Private and mobile telephone numbers
- Account amount and consumption credit balance
- Later sale balance
- Last check-in time
- IBAN and BIC banking details
- Account holder name
- Tax ID
- Campaign name and image URL
Screenshots
