The Sportmaster brand confirmed a data breach affecting its customer records. Information outlets, including TASS, reported this statement through a company representative.
Industry observers note that the organization has initiated an internal review and has informed Roskomnadzor about the incident as part of its compliance process.
According to a Sportmaster spokesperson, on December 31 a data archive containing customer details such as full names, birth dates, phone numbers, and email addresses was posted on a Telegram channel. The disclosure did not include user login credentials, payment details, or employee access information.
Analysts cited by TASS indicate that the exposed data may date back to 2019. The organization is actively examining the event to determine the root cause and to outline remediation steps. Early information suggests the leak originated through one of the company’s contractors who had access to the affected data.
Earlier reports indicated that Roskomnadzor would review the potential personal data breach involving Sportmaster customers and assess the situation for regulatory compliance and protective measures.
In line with personal data regulations, authorities stress that operators are required to report such incidents to the relevant supervisory body within one day of discovery, ensuring that corrective actions and notifications to affected individuals are initiated without delay. The ongoing investigation seeks to establish how the exposure occurred and to verify the scope of the compromised information, guiding the company toward stronger data governance and enhanced security controls.