What Happened
In November 2024, specifically around November 10-11, German electricity provider Tibber suffered a data breach when hackers, including threat actor “888,” infiltrated its online store systems and leaked customer data on darknet forums. The incident affected approximately 50,000 customers, primarily in Germany, exposing names, email addresses, partial addresses or geographic locations (city/postcode), order histories, and spending/purchase amounts, though Tibber confirmed no payment details, consumption data, or passwords were compromised—disputing hacker claims of 243,000 records as likely duplicates. Tibber acknowledged the breach, reported it to Berlin police, notified affected users, engaged cybersecurity experts for investigation and security enhancements, and urged customers to monitor accounts and beware of phishing.
