Glofox

In March 2020 the fitness management software provider Glofox experienced a significant data breach. The incident led to the exposure of approximately 2.3 million membership records. The leaked database contained sensitive user information including full names, email addresses, phone numbers, gender, and dates of birth. Additionally, user passwords were discovered in the form of unsalted MD5 hashes, which are considered highly vulnerable to cracking and brute force attacks. The breach impacted gym members and fitness studio clients globally who utilized the Glofox platform for membership management and scheduling.