SATS ASA: Updated scope of criminal data breach

01 Apr 2026 13:10 CEST

On March 24, SATS reported identified unauthorized access to a part of its IT
environment. The company now confirms that this incident constitutes a
criminal data breach and provides an update on its scope. The breach has been
reported to all relevant authorities.

Immediately upon detection, SATS activated its established security protocols
and managed to identify and remove the intruders, contained the breach, and
prevented further unauthorized access. As a precautionary measure, security
controls have been further strengthened. In parallel, a full team of external
cybersecurity specialists has been engaged, and an investigation is underway
to fully assess the scope and impact of the data breach.

"We take this very seriously. We are working diligently to clarify the scope
of the breach, limit its impact, and we have implemented the necessary
measures to further reduce risk. We remain committed to handling the situation
with care and transparency," says SATS CEO Sondre Gravir.

Importantly, SATS' member system has not been affected by the breach. This
system stores members' personal data, including credit card details, passwords
and photos.

There are no indications that the data breach involves any updated financial
information.

However, the investigation to date has identified unauthorized access to a
file server used for shared storage, primarily containing internal
administrative documents related to bookkeeping. Some of these documents
contain member names, and in some cases, also contact information. For a
limited group of members, the documents include some further personal data.
The ongoing investigation also indicates that personal data relating to a
group of employees has been affected. Affected individuals will be informed.

"The fact that some employee and member information has been compromised is
unfortunate. We are sorry for the consequences of this crime," says Gravir.

Finally, SATS reassures its members that all clubs across all markets remain
open and operate as normal. "We want to reassure our members that the breach
does not affect our services in any way, and everyone is welcome to exercise
as usual," Gravir concludes.

Investor Relations Contacts:
Cecilie Elde, Chief Financial Officer, phone: +47 924 14 195
Stine Klund, Investor Relations, phone: +47 986 99 259

Press Contact:
Kristin Fjeld, Press Contact, phone: +47 411 92 008

More information:
Access the news on Oslo Bors NewsWeb site