Several months ago we informed and engaged with one of Europe's leading Critical National Infrastructure companies, EDF.
We shared concerning security information that rendered EDF, a CNI energy provider, that due to their sub optimal security, that they, and their millions of clients, were susceptible to being targeted by cyber criminals and subsequently breached.
Such a breach would mean PII data exposure and non compliance with UKDPA, GDPR and other regulatory bodies privacy laws.
EDF decided to ignore and dismiss our research as well as the security implications. So today we decided to take another look to see if they have improved their internet security...
Sorry to say, they haven't. In fact, one of their domains that they actively encourage personal loans on, not only diverts to a non EDF domain, the certificate for their site expired on the 18th March 2021, 3 weeks ago...
There is such an alarmingly relaxed attitude to security. This negligence continues to jeopardise millions of customers and is totally unacceptable. EDF, once again we are informing you of your woeful security, please address it.
No discussions yet. Start a discussion below.
Get Published - Build a Following
The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.
If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.