Johnson Fitness and Wellness
| Primary URL | Location | Industry | johnsonfitness[.]com |
Country
Thailand
|
Retail
|
|---|
Profile
Johnson Fitness and Wellness operates as a multinational fitness equipment retailer with its headquarters located in Thailand. The company supplies a range of exercise machines and related products to suppliers, dealers, and end‑user customers across various international markets. Its business activities involve managing inventory, sales transactions, and service support for both commercial and residential fitness facilities. As part of its operations, the organization maintains internal operational documents, financial records, and personal data pertaining to employees, partners, and clients. The retailer’s presence in multiple countries indicates a cross‑border supply chain and distribution network.
In October 2022, Johnson Fitness and Wellness suffered a significant cyberattack carried out by the DESORDEN Group, which resulted in the theft of 71 gigabytes of sensitive data. The compromised information included internal operational documents, financial records, and personal details such as names, addresses, phone numbers, and dates of birth, while employee credentials were stored in plaintext. Attackers gained persistent access by pivoting through several servers over an extended period, bypassing existing security controls. Despite being presented with evidence of the breach, the company chose not to engage with the threat actors, prompting DESORDEN to attempt to sell the exfiltrated data on underground markets. This incident underscores the volume of data the retailer handles and highlights the cybersecurity risks faced by multinational firms in the fitness equipment sector.
