PayAsUGym hack exposes members' card details

PayAsUGym hack exposes members' card details

Fitness website PayAsUGym has admitted that members' financial details were stolen when one of its servers was hacked on Thursday.

The discovery was made by security experts who found partial card numbers and home addresses on a public website.

The company acknowledged there had been "confusion" over earlier claims that it did not hold any card details.

Security expert Troy Hunt advised customers to cancel their credit card if they think details have been stolen.

PayAsUGym, which sells passes for gyms around the UK, alerted its members to the security breach in an email on Friday which said "one of the company's IT servers was accessed by an unauthorised person".


While it said email addresses and passwords were accessed, it claimed "we do not hold any financial or credit card information".

The company said 300,000 customers details had been stolen.

He said the first six digits and last four digits of people's cards had been "dumped on a website, presumably by the perpetrator".

Mr Hunt explained that fraudsters can use computer algorithms to work out complete credit card details "within seconds".

"PayAsUGym has stated that there is no card data at risk, yet here we have a screen grab of a large amount of card data," he said. "There's some transparency lacking here."

PayAsUGym said it had started using new servers after speaking with cyber security professionals.

The website said it used a "tokenised system" for customer payments which, it says, means card details are stored at the payment gateway - not on its servers.

PayAsUGym's Mr Ward added: "We don't hold the full number for security reasons. The payment is then made using a tokenised system."

The company advised concerned customers to contact them.



Add Comment

all comments

  Other news

more
Carmarthenshire mum-to-be gets armed escort to hospital

Carmarthenshire mum-to-be gets armed escort to hospital..

29-May, 12:00

Armed officers who spotted a speeding car in west Wales discovered a...

US lawmakers seek to reverse Trump’s $110bn arms deal with Saudi Arabia

US lawmakers seek to reverse Trump’s $110bn arms deal with Saudi Arabia..

29-May, 07:48

Top Republicans and Democrats in Congress have called for the...

Emmerdale's Lucy Pargeter introduces twin baby daughters Missy Mabel and Betsey Maggie and reveals terrifying moment at birth when babies 'weren't breathing'

Emmerdale's Lucy Pargeter introduces twin baby daughters Missy Mabel and Betsey Maggie and..

29-May, 11:24

In an exclusive shoot and interview with OK! Magazine, Lucy Pargeter...

Improving wheat yields by increasing grain size, weight

Improving wheat yields by increasing grain size, weight..

29-May, 11:48

Larger, heavier wheat kernels -- that's how associate professor Wanlong...

Former Hillary Clinton aide writing memoir

Former Hillary Clinton aide writing memoir..

19-Apr, 18:16

A former Hillary Clinton aide and speechwriter is writing a book about...

Marathon Oil and Community Health skid; MoneyGram soars

Marathon Oil and Community Health skid; MoneyGram soars..

14-Mar, 17:18

Stocks that moved substantially or traded heavily on Tuesday: MoneyGram...

Seoul: North Korea fires ballistic missile off east coast

Seoul: North Korea fires ballistic missile off east coast..

04-Apr, 19:24

South Korea says North Korea has fired a ballistic missile into the...

O'Reilly apologizes for jest about Maxine Waters' hair

O'Reilly apologizes for jest about Maxine Waters' hair..

29-Mar, 09:40

Fox News personality Bill O'Reilly apologized Tuesday for saying he had a...