Spanish vitality firm Endesa has notified clients that their info was compromised in an information breach.
Majority-owned by Italian utility firm Enel Group, Endesa has roughly 10 million clients in Spain. It additionally serves over 10 million clients in different European international locations.
In an incident discover on its web site, the corporate stated the information breach concerned unauthorized entry to its business platform. Clients of its fuel distributor Energia XXI have been additionally affected.
The hackers, the corporate says, accessed and certain exfiltrated fundamental buyer identification info, contact particulars, nationwide identification numbers (DNI), contract info, and cost particulars, together with IBANs.
The vitality large says no passwords have been compromised, that the incident was rapidly contained, and that it has carried out extra safeguards.
“These measures embrace, amongst others, the quick blocking of the compromised consumer accounts, the evaluation of log recordsdata, and notification to all clients whose knowledge have been compromised. We’re additionally conducting steady monitoring of our methods to detect any suspicious exercise,” an automatic translation of the corporate’s discover reads.Commercial. Scroll to proceed studying.
Endesa says it has no proof that the stolen knowledge was used maliciously, however advises clients to stay vigilant in opposition to id theft, phishing, and different varieties of assaults.
“The corporate’s operations and companies are functioning usually, and you’ll proceed to make use of them,” Endesa stated.
Lots of the firm’s clients took to X to complain in regards to the knowledge breach and the wording within the firm’s discover, blaming it for negligence in defending their info.
Endesa began notifying its clients of the incident roughly every week after a menace actor boasted on a hacker discussion board about hacking the corporate and stealing 1.05 terabytes of information from its methods.
The menace actor claims the exfiltrated info belongs to over 20 million Endesa clients, however some customers have identified that the corporate doesn’t have as many purchasers in Spain.
SecurityWeek has emailed Endesa for extra info on the information breach and can replace this text if the corporate responds.
Associated: Instagram Fixes Password Reset Vulnerability Amid Person Information Leak
Associated: Hackers Accessed College of Hawaii Most cancers Heart Affected person Information; They Weren’t Instantly Notified
Associated: 377,000 Impacted by Information Breach at Texas Fuel Station Agency
Associated: Dozens of Main Information Breaches Linked to Single Menace Actor
