Spanish energy giant Endesa says it was hit by data breach, customers affected and 20 million files allegedly put up for sale

News
By published

An unknown number of people affected by attack

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)
  • Endesa Energia suffered unauthorized access, exposing customer data and IBAN numbers
  • Hackers allegedly selling 20m records, 1TB SQL files, on dark web
  • Company warns of phishing, impersonation risks; investigation ongoing

Endesa Energia, the retail arm of one of Europe’s biggest energy providers, Endesa, S.A., has confirmed it recently suffered a cyberattack which saw it lose sensitive data on an undisclosed number of people.

In a press release, published in Spanish on the company’s website, Endesa Energia said it detected “unauthorized and illegitimate access” to its commercial platform.

“Despite the security measures implemented by this company”, the unnamed threat actors managed to access, and exfiltrate, certain personal data belonging to the company’s customers, including contact data, ID cards, and data related to Endesa Energia contracts. Even more painfully, the attackers stole payment information (mostly IBAN numbers), however passwords were not taken, so the hackers should not have access to people’s accounts.

Data for sale

A fully-fledged investigation is ongoing right now, but to tackle the incident, Endesa Energia ousted the hacker from its systems, analyzed the logs to see how much damage was done, and notified affected customers.

We don’t know exactly how many people are affected by this breach, but Spanish law enforcement and data watchdogs were also notified.

So far, there is no evidence that the data was abused, or sold on the dark web, the announcement further explains. However, BleepingComputer found a database for sale on the dark web, appearing to come from this incident.

In a new thread on an underground forum, a cybercriminal is offering the database, allegedly containing 20 million records, to a single exclusive buyer. The ad says the database contains around 1TB in SQL files.

Endesa warns that the crooks might try to “usurp or impersonate” the users, publish the data, or use it in phishing attacks. “That is why we recommend that you pay special attention to possible suspicious communications that you may receive in the coming days and that you report any anomaly or mistrust that you may detect in this regard,” the machine-translated announcement reads.

Via BleepingComputer

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.