Overview
- The intrusion targeted Endesa’s commercial platform, affecting customers in both the regulated tariff and open-market segments through Energía XXI.
- Extracted information includes contact details, contract records, national ID numbers (DNI) and bank IBANs, while customer passwords were not compromised.
- Endesa has begun notifying affected users and regulators, activated containment protocols, and is analyzing access logs to assess impact.
- Spanish police are investigating dark‑web postings linked to the incident, and a security outlet reported an unverified claim of more than 1 TB of data tied to over 20 million people.
- No fraudulent use has been detected to date, customers are urged to report suspicious activity to the 800 760 366 hotline, and Endesa shares fell roughly 1.3% at mid‑day.