Inside the AG Energy Database Breach: 97K Australian Records Exposed

In March 2022, AG Energy -- an Australian solar energy company -- suffered a database breach that exposed the personal details of 97,879 customers. The compromised records were recieved by dark web forum users and have been circulating ever since, with renewed interest noted in subsequent years. For an energy provider holding home phone numbers and physical addresses, the privacy stakes are high.

What Attackers Can Do With AG Energy Customer Data

With full names, email addresses, and phone numbers in one dataset, attackers can launch convincing impersonation campaigns. Criminals posing as energy company representatives can call customers to extract banking details, payment information, or account credentials. The combination of contact data makes social engineering attacks accessable to even low-skilled threat actors who purchase the data cheaply on underground markets.

What Was Exposed in the AG Energy Breach

• Email Address
• First Name
• Last Name
• Phone Number

Why 97K Australian Energy Customers Face Lasting Risk

Energy sector breaches are particularly damaging because customers cannot easily change the personal details on file -- their name, phone number, and address remain stable targets. The AG Energy breach data has been observed on multiple dark web forums since March 2022, meaning Australian customers are still at risk of phishing, vishing, and identity fraud today.

How a Database Breach Works

A database breach occurs when an attacker gains unauthorized access to a company's backend data store. In incidents like the AG Energy breach, attackers typically exploit vulnerabilities in web applications or use stolen admin credentials to extract customer tables directly, then package and sell the data on dark web marketplaces for other criminals to exploit.

Check If Your Data Was Exposed

HEROIC's DarkWatch monitors over 400 billion breach records including the AG Energy breach. Australian customers can search their email or phone number now to find out if their personal information was included in this leak and receive real-time alerts whenever their data appears in future breaches.