- Endesa Energia suffered unauthorized access, exposing customer data and IBAN numbers
- Hackers allegedly selling 20m records, 1TB SQL files, on dark web
- Company warns of phishing, impersonation risks; investigation ongoing
Endesa Energia, the retail arm of one of Europe’s biggest energy providers, Endesa, S.A., has confirmed it recently suffered a cyberattack which saw it lose sensitive data on an undisclosed number of people.
In a press release, published in Spanish on the company’s website, Endesa Energia said it detected “unauthorized and illegitimate access” to its commercial platform.
“Despite the security measures implemented by this company”, the unnamed threat actors managed to access, and exfiltrate, certain personal data belonging to the company’s customers, including contact data, ID cards, and data related to Endesa Energia contracts. Even more painfully, the attackers stole payment information (mostly IBAN numbers), however passwords were not taken, so the hackers should not have access to people’s accounts.
Data for sale
A fully-fledged investigation is ongoing right now, but to tackle the incident, Endesa Energia ousted the hacker from its systems, analyzed the logs to see how much damage was done, and notified affected customers.
We don’t know exactly how many people are affected by this breach, but Spanish law enforcement and data watchdogs were also notified.
So far, there is no evidence that the data was abused, or sold on the dark web, the announcement further explains. However, BleepingComputer found a database for sale on the dark web, appearing to come from this incident.
In a new thread on an underground forum, a cybercriminal is offering the database, allegedly containing 20 million records, to a single exclusive buyer. The ad says the database contains around 1TB in SQL files.
Endesa warns that the crooks might try to “usurp or impersonate” the users, publish the data, or use it in phishing attacks. “That is why we recommend that you pay special attention to possible suspicious communications that you may receive in the coming days and that you report any anomaly or mistrust that you may detect in this regard,” the machine-translated announcement reads.
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/YsReok3f8M9yESRDbeGJVH-970-80.jpg
Source link
