I-DE Redes Eléctricas Inteligentes, SAU, electricity distributor of the Iberdrola group, suffered on March 15 a cyberattack that exposed the personal data of around 1.3 million customers, as revealed by the National Institute of Cybersecurity (Incibe). The company confirmed the hack and alerted affected users. It also ensures that information stolen by cybercriminals does not contain bank or payment details. Neither details on electricity consumption.
The hackers, however, obtained personal information from around 10% of the utility’s customers. Among them, the first and last name, address, identification number, e-mail address or telephone number. The Iberdrola group assured that it was taking appropriate measures to prevent attacks of this caliber in the future. According to elDiario.esthe company suffered a similar attack the next day, but they were able to stop it in time.
The aforementioned media also points out that Iberdrola links this attack to the hacking of the website of the Congress of Deputies. This, remember, was a denial of service attack (DDoS). The objective of this type of attack is to saturate the servers until the web is inoperative with the massive sending of access requests. The portal, in particular, was inaccessible for about 45 minutes.
Incibe’s recommendations to users affected by the Iberdrola hack
incitefor its part, warned users who have received communication from Iberdrola to regularly check whether their private data appears on the Internet or is used without consent by third parties.
“If you have received the statement issued by the company, you should be vigilant and regularly monitor the information circulating on the Internet to detect if your personal data is being used without your consent”
Hackers often take advantage of these types of cyberattacks to collect data for use in future attacks. phishing campaigns. This tactic involves sending emails where hackers pose as a company asking to fix a billing issue or offering prizes or discounts. The goal, in most cases, is to steal users’ banking information. Iberdrola therefore also recommended to be careful and suspicious of suspicious emails, messages or calls that request financial data.