CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Endesa Data Breach Exposes Customer Contract Information

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Spanish energy giant Endesa and its subsidiary Energía XXI disclosed a data breach affecting customer contract-related information, including personal details. The breach did not expose account passwords, and the company has taken steps to mitigate the incident, including blocking access to compromised accounts and enhancing monitoring. The investigation is ongoing, and the company has notified relevant authorities. Additionally, threat actors claimed to have stolen 20 million records, offering them for sale, though the company has not confirmed the extent of the data theft.

Timeline

  1. 12.01.2026 17:57 1 articles · 23h ago

    Endesa Data Breach Disclosed

    Endesa and Energía XXI disclosed a data breach affecting customer contract-related information, including personal details. The company has taken steps to mitigate the incident, including blocking access to compromised accounts and enhancing monitoring. Threat actors claimed to have stolen 20 million records, offering them for sale, though the company has not confirmed the extent of the data theft.

    Show sources
    Open in new tab

Information Snippets

  • Endesa, the largest electric utility company in Spain, serves over 10 million customers in Spain and Portugal, with a total of 22 million clients.

    First reported: 12.01.2026 17:57
    1 source, 1 article
    Show sources

  • The breach involved unauthorized access to contract-related information, including basic identification details, contact information, national identity numbers (DNI), contract details, and payment details (including IBANs).

    First reported: 12.01.2026 17:57
    1 source, 1 article
    Show sources

  • The company has blocked access to compromised internal accounts, dumped log records for analysis, and established elevated monitoring to detect further suspicious activity.

    First reported: 12.01.2026 17:57
    1 source, 1 article
    Show sources

  • Threat actors claimed to have stolen 20 million records, offering them for sale, with samples allegedly matching the data accessed in the breach.

    First reported: 12.01.2026 17:57
    1 source, 1 article
    Show sources