Gym chain Sats has confirmed a data breach affecting employees and members after a mid-March cyberattack. Sensitive HR data and member information have surfaced on the darknet, according to IT expert Karl Emil Nikka. The company is still investigating the full scope.
Gym chain Sats faced a hacker attack in mid-March. Initially deemed limited, the breach later appeared more extensive. On Wednesday, Sats reported that hackers accessed an internal shared storage server mainly used for accounting. Documents there included member names, contact details, and for some, additional personal information. Employee personal data also leaked.
CEO Sondre Gravir expressed regret in a statement: “Att information om anställda och medlemmar har påverkats är olyckligt. Vi beklagar konsekvenserna av detta brott.” Nordic PR chief Kristin Fjeld said a group of employees is affected and will be contacted directly, but exact figures await confirmation from the investigation. The incident has been reported to police.
IT security specialist Karl Emil Nikka from SSF Stöldskyddsförening discovered on April 1 data on over 10,000 registered users on the darknet, including names, postal addresses, phone numbers, and member numbers. Sensitive HR information such as termination agreements and investigations involving staff also leaked. “Bland de anställda så har det läckt ut betydligt värre saker,” Nikka said.
The attack comes from a hacker group active since summer 2025, which extorts hundreds of organizations by threatening to publish stolen data unless paid. Sats urges reliance solely on official information as the investigation continues.
