Endesa Data Breach Exposes Customer Information
▼ Summary
– Hackers breached Spanish energy provider Endesa’s systems, accessing personal customer data related to contracts.
– The compromised data includes identification details, contact info, national ID numbers, contract specifics, and payment information like IBANs.
– Endesa has blocked compromised accounts, notified authorities, and is alerting customers, but states no passwords were exposed.
– Threat actors are allegedly selling a large database claimed to be from Endesa, containing around 20 million customer records.
– The company assures that its services remain operational and unaffected, while urging customers to be vigilant for fraud.
A major data breach at Spain’s leading energy provider, Endesa, has compromised sensitive customer information. The company, along with its operator Energía XXI, is alerting clients that hackers infiltrated its commercial platform, gaining access to personal data tied to energy contracts. This incident affects a vast network, as Endesa serves millions of electricity and gas customers across Spain and Portugal.
The unauthorized access was detected despite existing security protocols. In an official communication, the company stated that the breach involved specific customer data related to their contracts. The compromised information includes basic identification details, contact information, national identity numbers (DNI), contract specifics, and payment data such as IBANs. Importantly, the company confirms that account passwords were not exposed in this security event.
In response to the breach, Endesa took immediate action by blocking the compromised internal accounts and securing log records for a detailed forensic analysis. The firm has elevated its system monitoring to detect any further suspicious activity and has begun the process of directly notifying affected customers. As part of its regulatory obligations, Endesa has also formally notified the Spanish Data Protection Agency and other relevant national authorities.
The company’s current assessment suggests a contained risk. Its official statement notes that there is no present evidence of fraudulent use of the stolen data, making a high-impact scenario on individuals’ rights unlikely. Nevertheless, customers are strongly advised to exercise increased vigilance. They should be alert to potential identity theft, phishing attempts, or any unusual activity and are instructed to report suspicions using a contact number provided in the breach notification.
The situation escalated when a threat actor recently advertised a massive database for sale, claiming it contains approximately 20 million records stolen from Endesa. The seller alleges to possess around 1TB of SQL databases filled with customer information. The described data appears consistent with the types of information Endesa confirmed were accessed. When approached about these claims, a company spokesperson referred only to the previously issued official statement.
Energía XXI has emphasized that its operational services remain unaffected and that customers can continue using their services without interruption. The company has committed to providing further direct updates to customers in the coming days should the ongoing investigation reveal new, material details about the scope or impact of this data security incident.
(Source: Bleeping Computer)
