One of the suppliers of Iberdrola suffered a cyber attack between May 5 and 7 causing “partial access to information” of around 850,000 clientsas announced this Wednesday The Spanish. The data that was exposed were names, surnames, their respective ID numbers and other contact information.
According to Invertia,The Spanish and company sources confirmed to EFE on May 7, Iberdrola detected “unauthorized access” to this data that was “immediately” stopped and made aware of both the Spanish Data Protection Agency as well as the State Security Forces and Bodies.
Subsequently, the multinational conveyed what happened to the clients themselves so that they were aware of the incident and could take protective measures.
The incident was corrected immediately, as the company has communicated to the affected users. The company neutralized it and activated the relevant measures to prevent it from happening again.
The Curenergía email
“Despite our efforts, we inform you that between May 5 and 7, one of our suppliers suffered a cyber attack that resulted in partial access to our clients’ data,” reads the email sent by Curenergía and consulted by EFE.
And he continues: “As soon as we detected the attack, we neutralized it and activated reinforcement measures to prevent its repetition. Additionally, we brought the facts to the attention of the competent authorities, including the Spanish Data Protection Agency.”
In said communication, Iberdrola recommends providing “special attention” to emails or mobile messages that do not have clear identification of the sender or when confidential information is requested such as the account number or card passwords.
“Neither Curenergía nor any other company in the group is going to request them from you by these means,” he adds.
It also asks that links not be opened unless you have “full confidence” in their origin, and suggests contacting the mobile telephone operator if you observe any incident.
There are several cases of cyber attacks to companies to try to access customers’ personal information. In March, the flight company Air Europa also warned of a possible leak of passenger data.
On May 14, Santander bank also received a cyber attack. The company warned of a “Unauthorized access” to a database with information on its clients belonging to Spain, Chile and Uruguay. However, the financial entity assured that no extraction of user passwords occurred.
