[BreachExchange] E.On customers left without gas and electricity after personal data stolen in security breach

Destry Winant destry at riskbasedsecurity.com
Mon Jan 25 10:38:58 EST 2021


https://www.independent.co.uk/news/business/eon-customers-gas-electricity-data-b1791496.html

E.On customers using pre-payment meters have been left without gas and
electricity after the energy supplier took down its app because login
details were stolen.

Tens of thousands of households use E.On's app to top up their pre-pay
meters. The company has received hundreds of complaints online from
people unable to log in since it was taken down on 12 January, leaving
some struggling to power their homes in the middle of winter with
temperatures forecast to plunge as low as -10C in parts of the
country.

The German utility company deactivated the app after discovering that
hackers were trying to access customers' accounts using personal data
stolen from a third party.

It is not clear how or when the data was stolen. E.On did not say how
many customers may be affected or when its app might be back up and
running. Affected customers have been contacted and told to change
their passwords, the company said.

The security breach has left some vulnerable customers without power
during lockdown. Energy regulator Ofgem says that customers on PPMs
are more likely to be in vulnerable situations such as having existing
physical and mental health issues, or living in fuel poverty.

PPM customers are being advised to top up on E.On's website; however,
some have experienced problems logging in and have been told to call a
phone line instead.

Some have experienced long delays on the phone line because of a
backlog of complaints about a separate computer issue which caused
customers to be overcharged on their direct debits.

E.On apologised for the delays and said the direct debit problem had
now been fixed.

A post on E.On's Facebook page dated 12 January notifying customers of
the security issue has received more than 1,100 responses.

One E.On customer wrote: "I cannot log into my account again, I have
tried ringing and messaging you to no avail. I'm running out of credit
on my meter.

"I'm shielding so can't just go to shop to top up as this poses a
danger please contact me I have sent several messages... I need help
ASAP."

E.On customer Elizabeth Daminger told The Independent that the key she
plugs into her meter to top it up had stopped working.

"They told my husband to go to the local shop to top up but it turned
out they don't sell the keys and haven't done for four years," Ms
Daminger said.

"My 70-year-old husband went to two more places on his mobility
scooter. How can we stay at home when we are being treated like this?"

An E.On spokesperson said: "We have identified a potential threat
which comes from outside E.On where we believe someone has been trying
to access online accounts using password data stolen from another
company.

"We take the security of customer data very seriously and we have
locked those online accounts which may be at risk and written to any
customers who might be affected, asking them to reset their online
password.

"We are sorry that our Pay As You Go customers are unable to top up
via our app at the moment. As always, customers can still top up their
energy via our automated freephone line – 0800 015 6368 – or through
our website. We are working to have our app back up and running as
soon as possible."

