Last updated 1 week ago
Spanish energy company Endesa disclosed a data breach involving unauthorized access to a commercial platform used to manage customer information. Attackers listed over 1 terabyte of data, including IBANs and other customer information. The breach was reported in Check Point Research's Threat Intelligence Bulletin for the week of January 19, 2026.
Unauthorized access to a commercial platform used to manage customer information
The breach highlights vulnerabilities in commercial customer management platforms. Security controls around access management and data protection for customer-facing systems failed. Recommendations include implementing stronger authentication mechanisms, regular security audits of third-party platforms, and enhanced monitoring for unauthorized access to sensitive customer data.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector