Overview
- The intrusion targeted Endesa’s commercial platform and affects electricity and gas customers of Endesa and its reference supplier Energía XXI in both regulated and free markets, with activity traced to late December.
- Exposed fields include contact details, national ID numbers (DNI), contract information and in some cases bank IBANs, while account passwords were not compromised.
- Endesa says it has contained the incident, notified potentially affected users, and reported it to the Spanish data protection authority (AEPD) and national cybersecurity institute (Incibe) as police examine related dark‑web traces.
- Consumer group Facua has asked the AEPD to open a formal inquiry into Endesa’s safeguards and handling of the breach.
- The company reports services operating normally and urges vigilance against phishing attempts, as its shares fell about 1.3% following the disclosures.