[Info Numerama] A cyberattack hit an IT service provider from the energy group Engie. The company will inform the customers concerned after a leak of personal data on a forum.
A member of a hacker forum, named “HommedeLombre”, published on August 23 a customer database of the energy supplier Engie. He considers himself a hacktivist and claims to have exposed these files ” in response to gas price inflation in France “. He adds ” Strength to the hard workers, and to the French patriots! “.
Contacted by Numerama, Engie replied on August 30 that the group “ became aware of a cyber-malicious act concerning data on its website monespaceprime.engie.fr, operated by a service provider “. It would therefore be the latter who suffered the cyberattack. The hacker said he exploited a flaw in a system or software.
Verifications and analyzes are still in progress by the group’s cybersecurity teams. ” ENGIE is filing a complaint and, in accordance with its obligations under the GDPR, will collaborate as it systematically does with the competent authorities says a spokesperson for the group.
Engie will start contacting the people affected by this data leak today.
Personal information disclosed by the hacker
The hacker indicates that the list contains names, first name, email, city, telephone numbers as well as information on customers. The cybercriminal removed the home addresses, as he considers “ that it is not ethical for customers who have not asked for anything “.
Engie specifies that the data leak does not concern bank details or passwords. The energy supplier adds that ” the subject and scope of the information system in question has been brought under control “.
As for Pôle emploi recently, the hacker managed to extract data by attacking an IT service provider. A target that may be more easily reachable than a large group.
Subscribe to Numerama on Google News to not miss any news!
