Hacker attack in Darmstadt: Customer data is on the dark web

As Entega reports, consumption data and bank details, among other things, were stolen and published in June. What precautions are being taken now?

Customer data was stolen during the hacker attack on the Entega.  Symbolic photo: Brian Jackson/Fotolia

Customer data was stolen during the hacker attack on the Entega.
(Symbolfoto: Brian Jackson/Fotolia)

DARMSTADT – Cyber ​​criminals who attacked the Entega IT subsidiary Count+CareE GmbH & Co. KG on the second weekend in June placed personal data from Entega customers, employees and business partners on the so-called dark web. According to the current state of knowledge, the criminal publication of the data affects “a large number of customers of Entega and its subsidiaries, their names, addresses and consumption data”, reports Entega.

“We deeply regret this incident. Since the beginning of the criminal attack, together with the investigating authorities, we have done everything we can to clarify the incident and quickly restore the affected systems,” says Entega company spokesman Michael Ortmanns. Currently, it is still being evaluated at high pressure which data was stolen. “We will immediately provide all information about the criminal attack and its consequences on our website,” said the spokesman.

Entega customers’ passwords have been reset

CountT+Care, a subsidiary of Entega AG, fell victim to a cyber attack in June. Among other things, the company’s websites and customer portals were blocked. The affected IT systems were immediately isolated, secured and an investigation by external IT specialists was initiated and Entega had immediately informed the relevant data protection and security authorities. According to Ortmanns, there was never a danger to the so-called critical infrastructure – i.e. gas, electricity, water and district heating networks.

Information about hacker attack

Under informed Entega in detail about the consequences of the criminal attack. In addition, affected customers can call the company on the free number 0800-048048055 reach personally.

The damage caused by the cybercriminals has now been largely repaired. The websites and customer portals of Entega can be accessed normally again. Extensive measures have been taken to protect those affected as comprehensively as possible. These include, among other things, resetting the password when accessing online. Entega asks customers to be vigilant for suspicious letters, emails, phone calls (mobile/landline), text messages or other unusual activity, particularly on online accounts, including

The bank details of some customers were also published. Those affected will be informed individually. Entega asks these customers in particular to check their bank accounts regularly and, if necessary, to change the passwords used for online banking. However, the company points out that due to the Europe-wide binding two-factor authentication for online banking, the risk of unauthorized transfers is low.

There is also a risk of criminal use of the data for the other parties involved. In individual cases, it could happen that those affected receive more spam mails or unsolicited advertising calls in the future. In addition, the address data could be used for unwanted orders on the Internet. In principle, only packages should be accepted if it can be guaranteed that they were actually ordered.

Customer data from Mainzer Stadtwerke, which was also affected by the hacker attack, has now appeared on the dark web. More about this here.

This article was originally published on July 20, 2022 at 1:23 p.m.