News and Updates on Information Technology

The Netherlands – Eneco

Exploit: Credential Stuffing
Eneco: Energy Company 

Risk to Small Business: 1.827 = Severe

Dutch energy supplier Eneco has warned tens of thousands of clients, including business partners, to change their passwords after a recent data breach following a suspected credential stuffing attack. The company reported that hackers accessed approximately 1,700 private and small business accounts. A separate group of approximately 47,000 customers is also being informed by email about the incident “as a precaution”. The investigation is still ongoing.

Individual Risk: 1.717 = Severe

The company stated that affected customers may have had their data “viewed and possibly changed by third parties,” but was unspecific about the exact impact.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Credential stuffing is a popular attack because it’s cheap, effective, and it’s been made so easy due to an abundance of Dark Web data to fuel it.