EDP
Company Details
Linkedin ID:
edp
Website:
Employees number:
13,888
Number of followers:
459,233
NAICS:
22
Industry Type:
Homepage:
edp.com
IP Addresses:
35
Company ID:
EDP_3158362
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
EDP Vendor Cyber Rating & Cyber Score
edp.comOur story began more than 40 years ago. Today we are a global company, among the largest players in the energy sector in Europe and the 4th largest producer of wind energy. We are proud to be a leading utility integrated in the Dow Jones Sustainability Indexes (World). We want to build a new energy by promoting renewable sources. To do this, we have chosen ... ... to be 100% green by 2030; ... to be Net Zero by 2040; ... to innovate, to shape the energy sector; ... empower our communities to live more sustainably. Ours is the energy that strives to create a better future, inspired by people from four regional hubs. It is the energy that knows no borders, that never sleeps, and that connects us to you. We will harness wind, sun and water to lead the energy transition. We will all be green. We choose the Earth. Welcome to the official EDP Group LinkedIn page.
EDP A.I CyberSecurity Scoring
EDP Risk Score (AI oriented)Between 750 and 799
EDP
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
EDP Global Score (TPRM)XXXX
EDP
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
EDP Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
EDP
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Portuguese multinational energy giant Energias de Portugal (EDP) was targeted by the Ragnar Locker ransomware group after they encrypted the systems. The attackers asked for a 1580 BTC ransom ($10.9M or €9.9M). EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy.
Polish Energy Sector: Russian Hackers Hit Poland's Grid with Wiper Malware
Cyber Attack
Rankiteo Explanation
Attack that could injure or kill people
Description: Russia’s Sandworm Unit Targets Poland’s Power Grid in Failed Cyberattack In a brazen escalation of cyber warfare, Russia’s elite Sandworm hacking unit linked to the GRU attempted to disrupt Poland’s energy infrastructure in late December. Security firm ESET uncovered destructive DynoWiper malware deployed against two Polish power plants and wind turbine networks on December 29–30, an attack that could have left 500,000 households without heat and electricity during winter. The assault targeted critical facilities and communication links between renewable energy installations and grid operators, aiming to cripple operations. While the attack failed, Polish Energy Minister Milosz Motyka confirmed it as the most severe cyber threat to the nation’s energy sector in years. Unlike ransomware, DynoWiper is designed for pure destruction, erasing data and rendering systems inoperable. ESET attributed the malware to Sandworm with "medium confidence", citing strong similarities to the group’s past operations, including the infamous 2015–2016 Ukraine blackouts. The incident underscores Russia’s continued use of cyber warfare to destabilize regional infrastructure, even as its tactics evolve.
EDP Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for EDP
Incidents vs Utilities Industry Average (This Year)
No incidents recorded for EDP in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for EDP in 2026.
Incident Types EDP vs Utilities Industry Avg (This Year)
No incidents recorded for EDP in 2026.
Incident History — EDP (X = Date, Y = Severity)
EDP cyber incidents detection timeline including parent company and subsidiaries
EDP Company Subsidiaries
Our story began more than 40 years ago. Today we are a global company, among the largest players in the energy sector in Europe and the 4th largest producer of wind energy. We are proud to be a leading utility integrated in the Dow Jones Sustainability Indexes (World). We want to build a new energy by promoting renewable sources. To do this, we have chosen ... ... to be 100% green by 2030; ... to be Net Zero by 2040; ... to innovate, to shape the energy sector; ... empower our communities to live more sustainably. Ours is the energy that strives to create a better future, inspired by people from four regional hubs. It is the energy that knows no borders, that never sleeps, and that connects us to you. We will harness wind, sun and water to lead the energy transition. We will all be green. We choose the Earth. Welcome to the official EDP Group LinkedIn page.
Loading...
EDP Similar Companies
PT PLN (Persero)
Indonesia State Electricity Corporation PLN has a long history in electricity industry of Indonesia. As the sole provider of electricity in Indonesia, PLN is striving to increase quality of services to all Indonesian. In 1972, in accordance with Government Regulation No.17, the State-owned Electric
As one of the nation’s largest electric utilities, we’re bringing more clean and renewable sources of energy to Southern California. From energy storage to transportation electrification, our employees are working on innovative projects that will help cut emissions and greenhouse gases to provide
Correos
Somos la empresa líder en comunicaciones físicas, digitales y de paquetería. Nuestra misión es prestar un servicio integral de calidad, ofreciendo soluciones y servicios en toda la cadena de valor del ecommerce con el objetivo de facilitar la vida a nuestros clientes. Distribuimos más de 5.100 millo
Westinghouse Electric Company is the world's leading supplier of safe and innovative nuclear technology. We provide our utility customers around the world with the most reliable, dependable nuclear power plants, nuclear fuel, plant automation and operating plant products and services. We are driven
National Grid lies at the heart of a transforming energy system. Our business areas play a vital role in connecting millions of people to the energy they use, while continually seeking ways to make the energy system clean, fair, and affordable. In the UK we own and develop the high-voltage electri
NTPC Limited is India’s largest power generation utility with roots planted way back in 1975 to accelerate power development in India. Since then it has established itself as the dominant power major with a presence in the entire value chain of the power generation business. From fossil fuels, it ha
Dubai Electricity & Water Authority - DEWA
Dubai Electricity and Water Authority (DEWA), established on 1 January 1992, stands at the forefront of sustainable energy and water management. With a dedicated workforce of over 11,000 employees, we ensure reliable services across the entire chain of electricity and water production, transmission,
Adani Group
Adani Group is a diversified organisation in India comprising 10 publicly traded companies. It has created a world class transport and utility infrastructure portfolio that has a pan-India presence. Adani Group is headquartered in Ahmedabad, in the state of Gujarat, India. Over the years, Adani Grou
RWE is leading the way to a clean energy world. With its investment and growth strategy Growing Green, RWE is contributing significantly to the success of the energy transition and the decarbonisation of the energy system. Around 20,000 employees work for the company in almost 30 countries worldwide
.png)
EDP CyberSecurity News
March 27, 2026 05:08 PM
Cybersecurity Breach Hits European Commission’s Cloud Infrastructure
The European Commission experienced a significant cybersecurity breach affecting its cloud-based Europa web platform on March 24.
March 27, 2026 01:12 PM
Omax Autos Ltd Fends Off Ransomware Attack on IT Systems
Auto components producer Omax Autos Ltd revealed on Friday a ransomware attack targeted its IT infrastructure. The initial cyber security...
March 24, 2026 11:10 AM
Bharat Cooperative Banking Summit 2026: AI-Driven Future in Focus
The Bharat Cooperative Banking Summit & Awards 2026 is set to take place from June 5 to 7, 2026, at Hotel Ramada in Lucknow.
March 24, 2026 10:47 AM
Digital trust drives global growth and sustainability
Digital trust is rapidly becoming a decisive factor in shaping economic performance, quality of life, and progress toward sustainable...
March 23, 2026 01:42 AM
Global AI governance frameworks fail to address real-world security threats
A new study warns that current artificial intelligence governance models remain fragmented, leaving systems vulnerable to cybersecurity...
March 22, 2026 12:43 PM
Breaking Silence: Women Farmworkers Challenge Legacy of Fear
In a shocking revelation, renowned labor rights activist Dolores Huerta has disclosed her own experience of sexual abuse by iconic labor...
March 22, 2026 12:36 PM
Russia's Soyuz Rocket Takes Off Again, Marking Return to Space
Russia has restored its capability to launch missions to the International Space Station with a successful lift-off of a Soyuz rocket from...
March 21, 2026 10:52 AM
PM Modi reiterates in talks with Iran President importance of safeguarding freedom of navigation, ensuring shipping lanes remain secure.
Read more about PM Modi reiterates in talks with Iran President importance of safeguarding freedom of navigation, ensuring shipping lanes...
March 21, 2026 07:33 AM
First time in the history of Himachal, budget reduced by Rs 3,586 crore due to discontinuation of RDG, says CM Sukhu.
Read more about First time in the history of Himachal, budget reduced by Rs 3586 crore due to discontinuation of RDG, says CM Sukhu. on...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
EDP CyberSecurity History Information
Official Website of EDP
The official website of EDP is http://www.edp.com.
EDP’s AI-Generated Cybersecurity Score
According to Rankiteo, EDP’s AI-generated cybersecurity score is 779, reflecting their Fair security posture.
How many security badges does EDP’ have ?
According to Rankiteo, EDP currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has EDP been affected by any supply chain cyber incidents ?
According to Rankiteo, EDP has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does EDP have SOC 2 Type 1 certification ?
According to Rankiteo, EDP is not certified under SOC 2 Type 1.
Does EDP have SOC 2 Type 2 certification ?
According to Rankiteo, EDP does not hold a SOC 2 Type 2 certification.
Does EDP comply with GDPR ?
According to Rankiteo, EDP is not listed as GDPR compliant.
Does EDP have PCI DSS certification ?
According to Rankiteo, EDP does not currently maintain PCI DSS compliance.
Does EDP comply with HIPAA ?
According to Rankiteo, EDP is not compliant with HIPAA regulations.
Does EDP have ISO 27001 certification ?
According to Rankiteo,EDP is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of EDP
EDP operates primarily in the Utilities industry.
Number of Employees at EDP
EDP employs approximately 13,888 people worldwide.
Subsidiaries Owned by EDP
EDP presently has no subsidiaries across any sectors.
EDP’s LinkedIn Followers
EDP’s official LinkedIn profile has approximately 459,233 followers.
NAICS Classification of EDP
EDP is classified under the NAICS code 22, which corresponds to Utilities.
EDP’s Presence on Crunchbase
No, EDP does not have a profile on Crunchbase.
EDP’s Presence on LinkedIn
Yes, EDP maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/edp.
Cybersecurity Incidents Involving EDP
As of April 02, 2026, Rankiteo reports that EDP has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
EDP has an estimated 4,343 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at EDP ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Cyber Attack.
How does EDP detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with eset..
Incident Details
Can you provide details on each incident ?
Title: Ragnar Locker Ransomware Attack on EDP
Description: Portuguese multinational energy giant Energias de Portugal (EDP) was targeted by the Ragnar Locker ransomware group after they encrypted the systems. The attackers asked for a 1580 BTC ransom ($10.9M or €9.9M).
Type: Ransomware
Attack Vector: Ransomware
Threat Actor: Ragnar Locker
Motivation: Financial Gain
Title: Russia’s Sandworm Unit Targets Poland’s Power Grid in Failed Cyberattack
Description: Russia’s elite Sandworm hacking unit linked to the GRU attempted to disrupt Poland’s energy infrastructure in late December. Security firm ESET uncovered destructive DynoWiper malware deployed against two Polish power plants and wind turbine networks on December 29–30, an attack that could have left 500,000 households without heat and electricity during winter. The assault targeted critical facilities and communication links between renewable energy installations and grid operators, aiming to cripple operations. While the attack failed, Polish Energy Minister Milosz Motyka confirmed it as the most severe cyber threat to the nation’s energy sector in years. Unlike ransomware, DynoWiper is designed for pure destruction, erasing data and rendering systems inoperable.
Date Detected: 2023-12-29
Type: Cyberattack
Attack Vector: Malware (DynoWiper)
Threat Actor: Sandworm (GRU-linked)
Motivation: Destabilization, Cyber Warfare
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware EDP2217241122
Systems Affected: Encrypted systems
Incident : Cyberattack EDP1769207360
Systems Affected: Power plants, wind turbine networks, communication links
Operational Impact: Potential disruption to 500,000 households' heat and electricity
Which entities were affected by each incident ?
Incident : Ransomware EDP2217241122
Entity Name: Energias de Portugal (EDP)
Entity Type: Company
Industry: Energy
Location: Portugal
Size: Large
Incident : Cyberattack EDP1769207360
Entity Name: Polish power plants and wind turbine networks
Entity Type: Energy Infrastructure
Industry: Energy
Location: Poland
Customers Affected: 500,000 households
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyberattack EDP1769207360
Third Party Assistance: ESET
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through ESET.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Cyberattack EDP1769207360
Data Encryption: Data erasure (DynoWiper)
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware EDP2217241122
Ransom Demanded: 1580 BTC ($10.9M or €9.9M)
Ransomware Strain: Ragnar Locker
Data Encryption: Yes
References
Where can I find more information about each incident ?
Incident : Cyberattack EDP1769207360
Source: ESET
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: ESET.
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as ESET.
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was 1580 BTC ($10.9M or €9.9M).
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Ragnar Locker and Sandworm (GRU-linked).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-12-29.
Impact of the Incidents
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was ESET.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was 1580 BTC ($10.9M or €9.9M).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is ESET.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_user.php of the component Parameter Handler. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument n_presentations leads to heap-based buffer overflow. The attack needs to be performed locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4_BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow (HBO) in icAnsiToUtf8() in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8(std::string&, char const*) to treat an input buffer as a C-string and call operations that rely on strlen()/null-termination. AddressSanitizer reports an out-of-bounds READ of size 115 past a 114-byte heap allocation, with the failure observed while running the iccToXml tool. This issue has been patched in version 2.3.1.6.
Risk Information
cvss3
Base: 6.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a stack-buffer-overflow (SBO) in CIccTagFixedNum<>::GetValues() and a related bug chain. The primary crash is an AddressSanitizer-reported WRITE of size 4 that overflows a 4-byte stack variable (rv) via the call chain CIccTagFixedNum::GetValues() -> CIccTagStruct::GetElemNumberValue(). This issue has been patched in version 2.3.1.6.
Risk Information
cvss3
Base: 6.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
- https://github.com/InternationalColorConsortium/iccDEV/issues/696
- https://github.com/InternationalColorConsortium/iccDEV/issues/697
- https://github.com/InternationalColorConsortium/iccDEV/issues/698
- https://github.com/InternationalColorConsortium/iccDEV/issues/703
- https://github.com/InternationalColorConsortium/iccDEV/pull/739
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-983c-rgh5-4982
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=edp' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
