Find notable cyber news and cases, enriched with sources, timelines, and signals.

Endesa and Energía XXI customer data leak after unauthorized access

Data Leak
First reported
Last updated
Happening score
H score 70
1 unique sources, 2 articles

Summary

Hide ▲

Endesa and Energía XXI disclosed unauthorized access to their commercial platform that exposed customer contract data tied to energy accounts. The exposed records included basic identification details, contact information, DNI, contract details, and IBAN payment data, while account passwords were not exposed. The company is notifying customers, has alerted the Spanish Data Protection Agency, and says there is no evidence of fraudulent use yet, though attackers also allegedly offered stolen data for sale.

Related Happenings

FortiBleed Fortinet/FortiGate VPN credential leak

Data Leak
H score80 First: 17.06.2026 18:12 Last: 17.06.2026 18:12 Sources 1

About this happening: **FortiBleed** is a **data leak** of **Fortinet/FortiGate VPN credentials** that now includes a verified database of **86,644 confirmed working credentials** collected from **inte...

Latest development: 19.06.2026 09:47

CISA urged Fortinet customers to secure FortiGate appliances after nearly 74,000 firewall and VPN credentials were exposed in the FortiBleed leak. The agency advised affected owners to terminate SSL VPN and administrative sessions, reset VPN and administrative passwords, enable phishing-resistant multifactor authentication, review logs for unauthorized access or lateral movement, store admin credentials with PBKDF2, restrict firewall management interfaces from public internet access, and remove unauthorized accounts.

TriZetto Provider Solutions hit by cyberattack

Incident
H score61 First: 06.03.2026 21:50 Last: 06.03.2026 21:50 Sources 1

About this happening: TriZetto Provider Solutions disclosed a **data breach** involving **unauthorized web portal access** that exposed sensitive information for **3,433,965 people**, creating signific...

AkzoNobel partial Anubis data leak

Data Leak
H score50 First: 04.03.2026 01:00 Last: 04.03.2026 01:00 Sources 1

About this happening: **AkzoNobel** faces a **partial data leak** after **Anubis ransomware** claimed it stole **170GB of data** and **almost 170,000 files**. The leak site posted **sample screenshots*...

LexisNexis Legal & Professional data leak after AWS intrusion

Data Leak
H score41 First: 03.03.2026 17:40 Last: 03.03.2026 17:40 Sources 1

About this happening: **FulcrumSec** leaked **2GB of files** tied to **LexisNexis Legal & Professional**, exposing customer and business information that could be used for follow-on abuse. The company...

Flickr users' member information exposure via third-party email provider vulnerability

Data Leak
H score26 First: 06.02.2026 11:43 Last: 06.02.2026 11:43 Sources 1

About this happening: Flickr disclosed a **potential data leak** affecting **users' member information** after a **third-party email service provider vulnerability** may have exposed **real names, emai...

Timeline

  1. 12.01.2026 17:57 3 articles · 5mo ago

    Endesa and Energía XXI disclose customer data access

    Initial Disclosure

    Endesa and Energía XXI notify customers that unauthorized access to the commercial platform exposed contract-related personal data, including basic identification details, contact information, DNI, contract details, and IBANs, while account passwords were not exposed. The company says it blocked compromised internal accounts, dumped log records for analysis, began notifying affected customers, and alerted the Spanish Data Protection Agency and other authorities, while warning recipients to watch for identity impersonation, data theft, and phishing. A separate claim also says samples of stolen Endesa data and about 20 million records were offered for sale, with the seller alleging roughly 1TB of SQL databases containing customer information.

    Show sources