A hacker attack that affected 300,000 customers of the energy concessionaire Enel Distribuição São Paulo was disclosed by the company in an official statement on Monday (9).
According to the company, personal data, such as full names, addresses, telephone numbers, social security numbers, bank account numbers, electricity consumption and others, were disclosed on the internet. All are restricted to consumers in the Osasco area, he says. An internal verification process, he declares, is already underway, as well as the necessary contacts with authorities and affected people.
Apologizing “sincere apologies for what happened” and promising new measures “to prevent other events like this from occurring in the future” in an email sent to a Tecnoblog reader, the company points out that “it is not yet possible to conclude that the incident has given rise to risks significant, “while suggesting that everyone be on the lookout” for telephone or electronic communications from third parties that request your personal and confidential data (for example, passwords). ”
RG, date of birth, age, email, installed load and type of installation were other information listed in the retraction material. Data of this nature is a full plate for digital fraudsters.
What does Enel say?
The details revealed are in line with the measures required of companies by the General Data Protection Law (LGPD), which began in September and demands, among other actions, that those who go through this type of situation disclose the nature of the leaked data. , eventual risks and actions taken to reverse or mitigate possible effects of such spills.
For the time being, no sanctions are foreseen – which will be stipulated by the National Data Protection Authority (ANPD), still in composition. Our team contacted Enel, who issued the following official statement:
“Enel Distribuição São Paulo informs that it became aware of a local incident involving data about 4% of the company’s customer base, all from the municipality of Osasco. The company immediately started an internal verification process and is communicating the fact to the competent authorities. All customers that have been affected are being notified directly and individually, by letter or email from the company.
Enel Distribuição São Paulo follows strict global information security standards, based on the best market practices, and has been working continuously to ensure the security of its systems “.