Be careful if you have subscribed to Engie! A group of renowned hackers claims to have hacked the energy supplier and seized part of customers’ personal data. It remains to be seen whether they are telling the truth.
The current context is particularly electric for French companies and organizations! With the Olympics fast approaching, the country is facing a surge in cyberattacks. Whether hospitals, banks, operators or public institutions, absolutely no one is spared! This time, it seems that it is Engie’s turn to pay the price. The Lapsus$ cybercriminal group claimed responsibility, on Sunday May 5, 2024, for hacking the energy giant, subsequently publishing a sample of the latter’s confidential data, some of which allegedly belonged to its customers. The leak concerns in particular their names, addresses, request numbers, appointment dates, brands and models of equipment used. So, real hack or bluff?
Engie hacking: bluff or major leak?
Lapsus$ is not an unknown hacker group, it has some major hacks under its belt. He notably attacked Microsoft, Cisco, Samsung, Nvidia, Electronic Arts (EA) and Okta, a company specializing in identity and access management, but also Rockstar Games and Uber. Remember, in 2022, GTA VI, one of the most anticipated games, was the subject of an unprecedented hack, on a colossal scale. More than 90 videos circulated on the Internet and the source codes of the game had been stolen. Although the person responsible, an 18-year-old teenager belonging to the group, had indeed been arrested, the cybercriminals’ operations had not stopped.
Afterwards, it would not be the first time that Engie would be the victim of hacking. One of its IT service providers had already been the victim of a cyberattack in August 2023, and the personal data of more than 130,000 customers had been stolen (see our article). If you are an Engie customer, we advise you to remain vigilant and carefully monitor your account activity. If personal data has indeed been stolen, you may soon become the victim of sophisticated phishing campaigns. Beware of emails and SMS messages that you may receive supposedly coming from Engie. The energy supplier is not immune to identity theft!