Last Update: 19th February 2021
As promised, as more information became clear in the investigation, we have now communicated with individuals where there was an increased risk. All individuals at increased risk have been offered additional support from our Incident Support Team.
Statement from 5th February 2021
On 26th January, Total Fitness’ threat detection software exposed a cyber-attack affecting our internal systems, processes, and communications. Immediately following the attack, our well-rehearsed recovery and continuity plans were instigated, which included the lockdown and securing of all Total Fitness information.
Total Fitness is continuing to respond to the ongoing ransomware attack, which is likely to be the work of international serious and organised cyber-crime groups. The matter is subject to a live criminal investigation.
Our Incident Response Team are informing and collaborating with expert organisations including the National Cyber Security Centre, the North West Regional Organised Crime Unit, the National Crime Agency and the Information Commissioner's Office on what is a complex and sophisticated criminal act.
This type of ransomware attack is extremely unfortunate and sadly quite common, having happened to a number of other high-profile businesses and organisations, particularly recently. Our incident response plan follows well-established protocols to allay any worries that our members, staff or suppliers might have.
Confined Data
We are in the process of conducting a detailed forensic investigation into the attack. Based on our investigations to date, we have no evidence that any damage or compromise to our membership database has occurred.
While our understanding of the incident is still evolving, we are aware that a number of files held on our internal systems have been compromised, and we have reason to believe that this is contained to a small internal data set only.
To date we have taken these steps:
- All systems were immediately locked down before all Total Fitness information was migrated into a new ‘clean’ environment where it has been securely contained and restored with support from experts in this field
- Our systems are secured and ready for our re-opening as soon as government COVID-19 restrictions are lifted
Ongoing Response
All Total Fitness health clubs were closed at the time of this attack due to the pandemic and access to the estate was not affected for our partners. This has allowed Total Fitness to focus all its efforts on the response to the attack.
Total Fitness continues to take the best professional advice from partners and the government, including the North West Regional Organised Crime Unit, government agencies and cyber security experts, with the response focused on remediation and recovery.
We will update this web page with more information from the investigation as it develops.
For the time being, Total Fitness needs to protect the criminal investigation and its systems. Consequently, some internal systems such as email and phones will remain offline in the short term.
Contacting us
If you have any queries relating to this information please get in touch via the form which will go to our Incident Response Team.
Total Fitness Members:
To protect the investigation and our systems, our email and phone lines will remain offline in the short term. As the majority of our team are furloughed due to the pandemic, please accept our apologies for the delay in coming back to you. We hope to be back next week with a limited team.
If you have any queries relating to this information please get in touch via the form which will go to our Incident Response Team.
If you have questions regarding your membership, here is a reminder on what is happening during closure:
- All memberships have been automatically frozen from Tuesday 5th January 2021 (or earlier, depending on your home club)
- No membership payments will be collected during the closure period
- Depending on your last payment date, if you have paid for days you are now unable to use, your next payment due upon reopening will be adjusted to reflect this
- Check out our At Home workouts in the App, updated regularly throughout the closure period
Total Fitness suppliers or contractors:
- Contact us via the form
Cyber security advice:
Best Practice for the public:
- Check your bank statement regularly for any unusual payments that you don’t recognise
- Check your Credit Report (if you use one) regularly for newly opened accounts or credit searches that you don’t recognise
- Use strong passwords and change them regularly. Try to keep them at least eight characters long and use numbers, upper case, lower case and symbols.
- Never give out personal details over the phone unless you’re sure who you’re speaking to
- If you think you have been a victim of fraud you should report it to Action Fraud, the UK's national fraud and internet crime reporting centre, on 0300 123 2040.
Cyber security advice for our members and staff:
Visit https://www.ncsc.gov.uk/section/information-for/individuals-families
Cyber security advice for our suppliers and partners:
https://www.ncsc.gov.uk/section/information-for/small-medium-sized-organisations
Response and Recovery Infographic PDF