Consumption

A cyberattack extracts personal data from Endesa customers.

The energy company acknowledges a hack of its platform, but says that user passwords were not compromised.

Endesa's headquarters in an archive image.
ARA
12/01/2026

Barcelona. Endesa Energía has acknowledged unauthorized access to its sales platform, resulting in the theft of customer data related to their contracts, including identity documents and payment information. A malicious actor bypassed the security measures implemented by the company on its sales platform in a recent security incident, and the company has already begun notifying affected users via email. This incident, described by the company as "unauthorized and illegitimate access," led to the theft of sensitive personal data from customers related to their electricity and gas contracts. According to the company's investigation, the malicious actor "had access and could have exfiltrated" contact information, identity documents, and bank account IBANs. Endesa Energía clarifies that access passwords were not compromised.

Although no misuse of the stolen data has been detected at this time, the company warns that the malicious actor could attempt to impersonate customers, publish this data on digital forums, or use it to send fraudulent emails or messages as part of phishing and spam campaigns. However, the company considers it "unlikely" that this theft "will materialize into a high-risk impact on their rights and freedoms," although it recommends that customers be alert to "possible suspicious communications they may receive in the coming days" and urges them to report any suspicious activity.

Activation of security protocols

Upon learning of the incident, Endesa Energía activated its established security protocols and procedures for such cases, as well as "all necessary technical and organizational measures to contain it, mitigate its effects, and prevent its recurrence," and launched an internal investigation with its technology providers. The company also informed the National Cybersecurity Institute (Incibe) and the Spanish Data Protection Agency, as confirmed to ARA by Endesa sources.

The portal Digital Shield, which reported the hack at Endesa on January 6, indicated that the hacker who carried out the alleged cyberattack published details on a dark web forum on Sunday, January 4, revealing that he had obtained more than one terabyte (TB) of information. "Based on the table and file names, the data is extremely sensitive. It contains personal data, such as names, contact information, postal address, and account-to-person relationships; financial data, such as IBANs, billing information, and account history and changes; and energy data, such as CUPS codes (unique point identifiers, exemptions, and incident history)," Digital Shield stated.
