ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

People's Energy Data Breach

peoplesenergy.co.uk
Limited exposure
Verified breach Passwords exposed
Accounts exposed 358,822
Breach date 16 Dec 2020
Added to tracker 23 Feb 2021
Data classes 6

What happened

In December 2020, the UK power company People's Energy suffered a data breach. The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers, physical addresses and dates of birth. The incident also included People's Energy staff email addresses and bcrypt password hashes (no customer passwords were exposed).

Exposed data

Dates of birth Email addresses Names Passwords Phone numbers Physical addresses

Recommended actions

  • Change your People's Energy password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing People's Energy โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP