To the HIBP team,

I would like to suggest the inclusion of a significant recent data breach involving two major Italian energy utility companies: Dolomiti Energia and Sorgenia.

The breach is particularly noteworthy because the illicit access reportedly occurred on the same day (September 13th, based on company notifications) via a shared external vendor/ supplier used by both companies.

The affected users have been notified by the companies via email.

The stolen information is highly sensitive as it is sufficient for identity theft and unauthorized supplier switching. The data set includes:

Full Personal Data (Nome/Cognome, Date of Birth, Tax ID/Codice Fiscale).

Contact Information (Email Address, Phone Number).

Utility Supply Data (Crucial codes like POD/ PDR which identify the physical meter/point of delivery).

Payment Data (IBAN) for some customers, specifically reported in the Dolomiti Energia breach notification.

Adding this breach would be a significant help to millions of Italian users in protecting themselves from phishing and fraudulent contract activations.

Thank you for your valuable work.

Email for contacting Dolomiti Energia Data Protection Officer: info.privacy@cert.dolomitienergia.it