The electricity giant Endesa acknowledged that the incident, although now contained, allowed a malicious actor to access its system. The data that «could have been exfiltrated» includes personal contact information, the DNI (ID number), contract details with Energía XXI, and potentially payment methods such as the bank account IBAN.
“"We regret to inform you that Energía XXI has detected a security incident that allowed unauthorized and illegitimate access to its commercial platform."
The company indicated that despite the severity of the sensitive data leak, customer access data and passwords were not compromised. However, they warn that the illicit access to this information «could lead to attempts to impersonate your identity, publish this data, or use it to carry out phishing actions or send spam».
Given this risk, the cyber investigation firm onBRANDING recommends that customers distrust any communication that «requests data or includes links», whether via email, SMS, or WhatsApp. It is crucial never to provide personal or banking information and to regularly check bank movements.
As essential security measures, customers are advised to change important passwords and activate two-factor authentication to strengthen account protection. Customers who wish to verify if their email address has been leaked can use the search engine on the cybersecurity website Have I Been Pwned. In case of suspicion, Endesa recommends contacting its telephone service center by calling 800 760 250.
