The logo of the Spanish utility Iberdrola Reuters
Data of 850,000 Iberdrola customers up for sale after cyber-attack in Spain

One of the electricity company's suppliers was hacked in early May; the attackers stole 1.5 gigabytes of non-confidential information used for phishing

Melchor Sáiz-Pardo


Friday, 31 May 2024, 14:43


A cyber-attack has exposed the data of 850,000 Iberdrola customers, which represents 8% of its users: 600,000 from Iberdrola Clientes, its free market subsidiary, and another 250,000 from Curenergía, its regulated market supplier. According to company sources, between 5 and 7 May the hackers managed to break into one of the files where customer data is collected, exploiting an error in the security systems of an external supplier of the electricity giant.

The stolen information is already for sale in various Telegram forums and on other hacker platforms on the dark web. The thieves claim to have stolen 1.5 gigabytes of information, as confirmed by state security sources.

Iberdrola, according to the information it has provided to affected customers, all of whom are residents of Spain, "immediately" corrected the security breach that led to the data leak.

According to the analysis by the corporation's technicians (it has 400 specialists deployed around the world in cybersecurity work), the information exposed consisted of the names, surnames, ID numbers and contact details of these hundreds of thousands of users. Specialists claim that no more compromising data, such as passwords, personal codes or bank account numbers, has been leaked.

The hacking was brought to the attention of the Spanish Data Protection Agency and law enforcement agencies.

Although the exfiltrated information does not include data such as passwords, personal codes or account numbers, this type of affiliation information is very useful for criminals, because it is often used in phishing attacks against customers, in which the attackers impersonate the telecommunications operator in an attempt to obtain passwords.

Pay "special attention" to messages

The company has therefore asked its customers to pay "special attention to e-mails or mobile phone messages that do not clearly identify the sender, when they ask for confidential information such as your account number, payment card details or service access codes". "Neither Iberdrola nor any other company in the group will ask you for them by these means," states the e-mail sent by Iberdrola, which has also asked its users not to open links included in e-mails, mobile phone messages or instant messaging services if they do not fully trust the sender.

Cyber-attacks against large Spanish companies have skyrocketed since the start of the war in Ukraine. Last Tuesday, Telefónica acknowledged that it is investigating the potential theft and leakage of data of around 120,000 users and workers of the company. The alleged 'hacking' became known through several hacker forums, where the alleged thieves have offered a company database with more than 2.6 million records.

A fortnight ago it was Banco del Santander that reported to the National Securities Market Commission (CNMV) that it had suffered "unauthorised access to a database" containing information on its customers in Spain, Chile and Uruguay. The file that was breached also contained data on "all employees and some former employees of the group", with the exception of Germany. In total, information on some 200,000 workers and former workers.
