CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches

Spanish Energy Company Endesa Hacked

Hackers stole complete customer information, including contact details, national identity numbers, and payment details. The post Spanish Energy Company Endesa Hacked appeared first on SecurityWeek.

Electric utility hacked

Spanish energy company Endesa has notified customers that their information was compromised in a data breach.

Majority-owned by Italian utility company Enel Group, Endesa has approximately 10 million customers in Spain. It also serves over 10 million customers in other European countries.

In an incident notice on its website, the company said the data breach involved unauthorized access to its commercial platform. Customers of its gas distributor Energia XXI were also affected.

The hackers, the company says, accessed and likely exfiltrated basic customer identification information, contact details, national identification numbers (DNI), contract information, and payment details, including IBANs.

The energy giant says no passwords were compromised, that the incident was quickly contained, and that it has implemented additional safeguards.

“These measures include, among others, the immediate blocking of the compromised user accounts, the analysis of log files, and notification to all customers whose data have been compromised. We are also conducting continuous monitoring of our systems to detect any suspicious activity,” an automated translation of the company’s notice reads.

Endesa says it has no evidence that the stolen data was used maliciously, but advises customers to remain vigilant against identity theft, phishing, and other types of attacks.

“The company’s operations and services are functioning normally, and you can continue to use them,” Endesa said.

Many of the company’s customers took to X to complain about the data breach and the wording in the company’s notice, blaming it for negligence in protecting their information.

Endesa started notifying its customers of the incident roughly a week after a threat actor boasted on a hacker forum about hacking the company and stealing 1.05 terabytes of data from its systems.

The threat actor claims the exfiltrated information belongs to over 20 million Endesa customers, but some users have pointed out that the company does not have as many customers in Spain.

SecurityWeek has emailed Endesa for additional information on the data breach and will update this article if the company responds.

Related: Instagram Fixes Password Reset Vulnerability Amid User Data Leak

Related: Hackers Accessed University of Hawaii Cancer Center Patient Data; They Weren’t Immediately Notified

Related: 377,000 Impacted by Data Breach at Texas Gas Station Firm

Related: Dozens of Major Data Breaches Linked to Single Threat Actor

Latest News

CYBERNEWSMEDIAPublisher