Spanish energy giant Endesa on Monday said a cyberattack had compromised the personal data of some of its millions of customers but ruled out fraudulent use of the information.
A “malicious actor” accessed data related to customer energy contracts, contact details, ID numbers and payment methods, the company said in a message to clients and posted on its website.
“In no case have password access data been compromised,” Endesa said, adding that its security protocols contained and mitigated the incident “immediately and satisfactorily”.
“There is no record of any fraudulent use of the data affected by the incident, making it unlikely that a high-risk impact on your rights and freedoms materialises,” the letter said, without specifying when the hack happened.
Endesa declined to state how many customers had been affected. The company says it has more than 10 million in Spain and Portugal.
The group said it was investigating “to obtain a full understanding of what happened” and had notified the breach to the authorities, including Spain’s data protection agency.
In November, Spain’s flag carrier Iberia said hackers had accessed private customer data, but added that there were no signs of fraudulent use.
Add Comment