Bodybuilding.Com discloses protection breach


Bodybuilding.Com, the net’s largest on line save and on-line discussion board for health and bodybuilding enthusiasts, has disclosed final week a protection breach that impacted its IT systems.

Customer information could have been uncovered, the corporation stated in a brief message published on its website. Its body of workers isn’t certain if the attacker accessed purchaser data, even though.

A 1/3-party safety firm turned into hired to assist with the research, however forensics experts couldn’t verify that client facts was stolen from Bodybuilding.Com’s servers, both.


Bodybuilding.Com said investigators traced the unauthorized hobby to a phishing email its workforce received in July 2018. At least one employee appears to have fallen for this email.

Hackers used the records they obtained from this phishing e mail to get entry to the employer’s network in February 2019. Bodybuilding.Com didn’t say when it detected the intrusion, but it stated it completed its research on April 12. It went public with the safety breach every week later, on April 19.

Despite no longer understanding if hackers accessed purchaser statistics, Bodybuilding.Com decided to do the proper aspect and notify all of its customers of the security incident, as a precaution.

It also reset all users’ passwords as well, to prevent any abuse in case attackers did manipulate to scouse borrow any facts.

According to the corporation, if hackers did manipulate to get admission to and thieve client records, probably exposed information will encompass call, e-mail cope with, billing/delivery addresses, smartphone quantity, order records, any communications with Bodybuilding.Com, birthdate, and any records blanketed in BodySpace profiles.

Social Security numbers and charge card information have been no longer uncovered, the organisation said, because the web site never accumulated this information in the first region.

Besides notifying customers of the breach, Bodybuilding.Com is likewise alerting customers that scammers may additionally try and imitate its records breach disclosure notifications for on line fraud or phishing attacks.

Please observe that the email from Bodybuilding.Com does not ask you to click on any links or contain attachments and does not request your private records. If the email you received about this difficulty activates you to click on a link, suggests you down load an attachment, or asks you for records, the email become now not despatched with the aid of Bodybuilding.Com and can be an attempt to scouse borrow your personal data. Avoid clicking on hyperlinks or downloading attachments from such suspicious emails. Any link blanketed in our e mail to users directs customers to insert the Bodybuilding.Com FAQs URL into your browser and does not request your non-public statistics.

Bodybuilding.Com is one of the net’s most visited web sites, currently #1,657 on the Alexa website rating. The web page has over seven million registered users on its discussion board, and its website receives over 30 million visitors in keeping with month. The closing time the website online treated a primary protection problem turned into in 2008.