I-DE Redes Eléctricas Inteligentes, SAU, electricity distributor of the Iberdrola group, suffered on March 15 a cyber attack that exposed the personal data of approximately 1.3 million customers, as revealed by the National Cybersecurity Institute (Incibe). The company has confirmed the hack and has alerted affected users. It also ensures that the information stolen by cybercriminals does not include bank or payment details. Nor details on electricity consumption.
The hackers, however, did obtain personal information from approximately 10% of the utility’s customers. Among them, the name and surname, address, ID number, email address or telephone number. The Iberdrola group has assured that they are taking the appropriate measures to prevent attacks of this caliber in the future. According elDiario.esthe company suffered a similar attack the next day, but they were able to stop it in time.
The aforementioned media also stresses that Iberdrola relates this attack to the hacking of the website of the Congress of Deputies. This, remember, was a denial of service (DDoS) attack. The objective of this type of attack is to saturate the servers until the web is inoperative with the massive sending of access requests. The portal, in particular, was inaccessible for approximately 45 minutes.
Incibe’s recommendations to users affected by the Iberdrola hack
Incibefor its part, has warned those users who have received a communication from Iberdrola to check regularly if their private data appears on the Internet or is being used without consent by third parties.
“If you have received the statement issued by the company, you must be vigilant and regularly monitor what information circulates on the Internet to detect if your private data is being used without your consent”
Hackers often take advantage of these types of cyberattacks to collect data for use in future attacks. phishing campaigns. This tactic consists of sending emails where hackers impersonate a company requesting to solve a billing problem or offering prizes or discounts. The objective, in most cases, is to steal bank information from users. Iberdrola, therefore, has also recommended paying attention and distrusting suspicious emails, messages or calls that request financial data.