Endesa Confirms Security Incident Following Threat Actor Statement
Spanish energy company Endesa has confirmed a security incident that resulted in unauthorized access to its trading platform, compromising customer data. Endesa is the largest electricity supplier in Spain, serving more than 10 million customers. Confirmation of the incident comes after a threat actor posted on a cybercrime forum claiming to have stolen 1.05 terabytes of company data.
According to the Endesa Energía statement, the incident allowed “unauthorized and illegitimate” access to customers’ personal data.
Compromised Data and Response Measures
Data that was potentially compromised in the incident includes:
- Customer identification data
- Contact information
- National identification numbers (DNI)
- Contract details
- Possibly IBAN numbers
Endesa clarified that there is no evidence that customer passwords have been accessed by attackers. After detecting the incident, the company activated security protocols and blocked the compromised accesses. Endesa has notified affected customers and the relevant authorities, including the Spanish Data Protection Agency. The company is carrying out continuous monitoring and has initiated an investigation with its suppliers.
Risk Assessment and Recommendations
Despite the data theft, Endesa affirms that as of the date of the communication there is no evidence of fraudulent use of the data. The company considers a high-risk impact on customers unlikely. However, it warns that cybercriminals could try to impersonate customers, publish stolen data, or use it to launch phishing or spam campaigns.
Endesa urges customers to remain alert to suspicious calls, emails or messages and not to share personal or sensitive information with unknown contacts. The company has provided a customer service number (800.760.366) for those affected to report any concerns or suspicions of fraud.
Threat Actor Complaint
In parallel with Endesa’s announcement, a threat actor claimed on a hacking forum to have stolen 1.05 terabytes of data from the company, claiming to have “access to everything” and possess a database of more than 20 million people. The threat actor put the data up for sale on the forum.
The incident highlights the importance of cybersecurity in critical infrastructure and the need for constant vigilance by companies and their customers against possible fraud.
References
- Affected Company: Endesa Energía
- Notified Data Protection Authority: Spanish Data Protection Agency (AEPD)
- Compromised Data: Identification information, contact information, national identification numbers, contract data, possibly IBANs.