Australasian Leisure Management
Dec 8, 2024

Clubfit Software reported to have suffered ransomware attack

Ransomware group KillSec has been reported as having hacked gym management software provider Clubfit Software.

As reported by CyberDaily, the ransomware gang listed Clubfit Software as a victim on its darknet leak site earlier this month, claiming to have uploaded 1% of the data it claims to have stolen, which amounts to an archived file totalling nearly 200 gigabytes in size.

In a 24th November leak post KillSec advised “one per cent of data is published”, before linking to a file hosting site and advising of further posts.

CyberDaily added that the gang also shared several files as evidence of their alleged activity, including several gym membership agreements with customer names, addresses, phone numbers, emails, and emergency contact numbers. Many of the documents also appear to include signatures.

KillSec did not mention a ransom amount or a deadline to pay but does offer some payment information.

In a later update on the incident, KillSec added “company can pay for data deletion, and non-company related individuals may contact us to reach an agreement for data purchase.”

In its most recent update, it went on to advise “message to the company: We are beginning to contact your clients and the sub-clients of your clients regarding the data leak, and we will publish everything on our blog.”

The recently published full client list has 694 gyms, aquatic and recreation centres, boxing gyms and other fitness centres, including Anytime Fitness and several other well-known fitness franchises, alongside smaller operations.

KillSec began operations in October 2023 and rebranded itself as a ransomware-as-a-service operation in June 2024. According to its own description, KillSec is a “prominent hacktivist group operating in the cyber realm, operating since 2023”.

Clubfit Software provides a cloud-based gym management solution that tracks “payments, reporting, access control, marketing, statistical analytics, point of sale and much more”, according to the company’s website.

Several clients are listed on Clubfit Software’s website, including Input Fitness Health Club, All Aerobics Fitness and Valhalla Strength.

Industry operators including the Australian Sports Commission, Funlab, Life Saving Victoria, Raging Waters Sydney and YMCA NSW have been targeted by ransomware attacks in recent years.

Image credit: Shutterstock.
