Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Threat actor claims the theft of full customer data from Spanish energy firm Endesa

Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information. “In this regard, we regret to inform you that Endesa Energía has detected a […]

Endesa

Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information.

Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information.

“In this regard, we regret to inform you that Endesa Energía has detected a security incident that has allowed unauthorized and illegitimate access to its commercial platform. This incident has compromised the confidentiality of certain data for which Endesa Energía is responsible.” reads the statement published by the company. “Despite the security measures implemented by this company, we have detected evidence of unauthorized and illegitimate access to certain personal data of our customers related to their energy contracts, including yours. “

Endesa is a major Spanish multinational electric utility company and the largest electricity provider in Spain. It generates, distributes and sells electricity and natural gas, serving over 10 million customers domestically. Endesa is a majority-owned subsidiary of Italian utility group Enel, which holds about 70 % of its shares.

The company has around 8,900 employees (2024 figure). In 2024, Endesa reported €21.3 billion in revenue and a net profit of about €1.89 billion, reflecting strong earnings growth compared with the previous year.

Endesa Energía said attackers accessed and may have exfiltrated customer identification, contact details, national ID numbers, contract data, and possibly IBANs, but not passwords. The company activated security protocols and blocked access that had been compromised. Endesa notified affected customers and authorities, including Spain’s Data Protection Agency. Continuous monitoring is underway while investigations with suppliers continue.

The energy company says it has found no evidence that attackers have misused the affected data, so it considers a serious impact on customers unlikely. However, criminals could still try to impersonate customers, publish stolen data, or launch phishing or spam campaigns.

“As of the date of this communication, there is no evidence of any fraudulent use of the data affected by the incident, making it unlikely that a high-risk impact on your rights and freedoms will materialize. Even so, this unauthorized access to your data by the malicious actor could lead to an attempt to impersonate you, publish this data (resulting in a loss of control over it), or use it to carry out phishing or spam campaigns against you.” concludes the statement.

Customers should stay alert to suspicious calls, emails, or messages and report any concerns to the Endesa call center at 800.760.366. The company advises never sharing personal or sensitive information with unknown contacts and to notify Endesa or law enforcement if fraud is suspected. The Spanish firm confirms that all operations and services continue to run normally.

Endesa did not disclose technical details about the attack that caused the data breach; however, a threat actor claimed on a cybercrime forum to have stolen 1.05 terabytes of data from the company.

Below is the message published by the threat actor on the hacking forum:

“!I hacked into Spain’s largest electricity and gas company (Endesa), access to everything, no one has this database except me.

This thread was accepted and the data was verified as real and unique.

Price: negotiable Total size: (1,055,950,885,115 bytes)

More than +20.000.000 people in one single .sql (fresh data, never seen)!”

Endesa
Source X

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)