Red Eléctrica
Company Details
Linkedin ID:
ree
Website:
Employees number:
1,164
Number of followers:
73,174
NAICS:
22
Industry Type:
Homepage:
ree.es
IP Addresses:
0
Company ID:
RED_6200046
Scan Status:
In-progress
Red Eléctrica Company CyberSecurity Posture
ree.es
Red Eléctrica fue la primera empresa en el mundo dedicada en exclusividad al transporte de electricidad y a la operación de sistemas eléctricos. Pionera en su clase, mantiene hoy una posición de liderazgo en estas actividades. Desde su creación en 1985, se hizo cargo de la red de transporte y de la operación del sistema eléctrico español adelantándose a las recientes tendencias mundiales hacia la segregación de actividades, estableciendo al transporte como una actividad separada de la generación y de la distribución. Este hecho supuso un cambio radical en el funcionamiento del sector eléctrico español y ha sido uno de los modelos que ha permitido a otros países establecer sistemas liberalizados.
Red Eléctrica A.I CyberSecurity Scoring
Red Eléctrica Risk Score (AI oriented)Between 750 and 799
Red Eléctrica
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Red Eléctrica Global Score (TPRM)XXXX
Red Eléctrica
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Red Eléctrica Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Red Eléctrica
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of geographical region
Description: On April 28, 2025, a massive power outage plunged almost the entire Iberian Peninsula into darkness when Spain’s national grid operator, Red Eléctrica, experienced a sudden 15-gigawatt drop in generation capacity over five seconds. Nearly 60 million residents across Spain and Portugal were left without electricity, forcing offices, airports, rail and subway services, ATMs and mobile phone networks to shut down. Traffic gridlock ensued, emergency services scrambled to deploy gas-powered generators, and consumers lined up for battery-powered radios. Within hours, Prime Minister Pedro Sánchez announced a special commission to probe potential causes — from grid oscillations and atmospheric anomalies to the possibility of cyber intrusion — while ruling out a shortage of nuclear output. By daybreak, 99% of capacity had been restored, but the economic fallout was severe: commerce halted, supply chains were disrupted, and tourism losses mounted. The unprecedented event exposed vulnerabilities in critical infrastructure, prompting EU officials to call for enhanced cross-border coordination, investment in grid resilience and cybersecurity measures to prevent a recurrence of this landmark disruption.
Red Eléctrica Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Red Eléctrica
Incidents vs Utilities Industry Average (This Year)
Red Eléctrica has 25.0% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Red Eléctrica has 29.87% more incidents than the average of all companies with at least one recorded incident.
Incident Types Red Eléctrica vs Utilities Industry Avg (This Year)
Red Eléctrica reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — Red Eléctrica (X = Date, Y = Severity)
Red Eléctrica cyber incidents detection timeline including parent company and subsidiaries
Red Eléctrica Company Subsidiaries
Red Eléctrica fue la primera empresa en el mundo dedicada en exclusividad al transporte de electricidad y a la operación de sistemas eléctricos. Pionera en su clase, mantiene hoy una posición de liderazgo en estas actividades. Desde su creación en 1985, se hizo cargo de la red de transporte y de la operación del sistema eléctrico español adelantándose a las recientes tendencias mundiales hacia la segregación de actividades, estableciendo al transporte como una actividad separada de la generación y de la distribución. Este hecho supuso un cambio radical en el funcionamiento del sector eléctrico español y ha sido uno de los modelos que ha permitido a otros países establecer sistemas liberalizados.
Loading...
Red Eléctrica Similar Companies
TATA Power
Tata Power is one of India’s largest integrated power companies and together with its subsidiaries and jointly controlled entities, has an installed/managed capacity of 14,294 MW. The Company has a presence across the entire power value chain - generation of renewable as well as conventional power i
WBSEDCL
The Government of West Bengal has restructured the erstwhile WBSEB into two successor entities, namely West Bengal State Electricity Distribution Company Limited (WBSEDCL) and West Bengal State Electricity Transmission Company Limited (WBSETCL), under the ownership of the State Government. The two C
The Saudi Electricity Company was established on the 5th of April in the year 2000, incorporated in accordance with Council of Ministers Mandate No. 169 dated November 30th, 1998, the Saudi Electricity Company was born out of the merger of smaller regional power company in the central, eastern, west
Grupo Energisa
O Grupo Energisa tem na distribuição de energia elétrica a principal base de seu negócio. Com cinco distribuidoras no Brasil, das quais três na região Nordeste (Energisa Sergipe - Distribuidora de Energia S/A nova denominação de Energipe, no Estado de Sergipe, Energisa Paraíba - Distribuido
The E.ON Group is one of Europe's largest operators of energy networks and energy infrastructure and a provider of innovative customer solutions for 50 million customers. Thus, we are decisively driving forward the energy transition in Europe and are committed to sustainability, climate protection,
Duke Energy, a Fortune 150 company headquartered in Charlotte, N.C., is one of America’s largest energy holding companies. The company’s electric utilities serve 8.4 million customers in North Carolina, South Carolina, Florida, Indiana, Ohio and Kentucky, and collectively own 54,800 megawatts of ene
We are a multinational company changing the face of energy, one of the world’s leading integrated utilities. As the largest private player in producing clean energy with renewable sources we have more than 88 GW of total capacity, including around 64 GW of renewables. Distributing electricity t
RWE is leading the way to a green energy world. With its investment and growth strategy Growing Green, RWE is contributing significantly to the success of the energy transition and the decarbonisation of the energy system. Around 20,000 employees work for the company in almost 30 countries worldwide
Westinghouse Electric Company
Westinghouse Electric Company is the world's leading supplier of safe and innovative nuclear technology. We provide our utility customers around the world with the most reliable, dependable nuclear power plants, nuclear fuel, plant automation and operating plant products and services. We are driven
.png)
Red Eléctrica CyberSecurity News
December 13, 2025 12:11 AM
A comprehensive list of 2025 tech layoffs
The tech layoff wave is still kicking in 2025. Last year saw more than 150,000 job cuts across 549 companies, according to independent...
November 27, 2025 08:00 AM
SGS Highlights Cybersecurity Capabilities With World's First EU RED-NB Certification and Cybersecurity Mark
SGS awards Ruijie Networks the world's first EU RED-NB certification and Cybersecurity Mark, reinforcing its leadership in cybersecurity and...
November 03, 2025 08:00 AM
SDSU Extension to Host Ag Cybersecurity Workshop
BROOKINGS, S.D. – South Dakota State University Extension will host an agriculture cybersecurity workshop and public seminar to highlight...
September 22, 2025 07:00 AM
43 Top Cybersecurity Companies to Know 2025
These companies block online threats, assess industry vulnerabilities and increase education and awareness about cybersecurity.
August 19, 2025 07:00 AM
From Risk to Readiness: How India’s electrical sector can tackle emerging cyber threats
By Sunil Singhvi, President, Indian Electrical and Electronics Manufacturers' Association. The electrical sector is the backbone of India's...
August 18, 2025 07:00 AM
Mandatory: New EU Cybersecurity Rules for Signage
On August 1, the new EU cybersecurity regulation RED2014/53/EU took effect – also affecting digital signage. Leading display providers say...
August 07, 2025 07:00 AM
EU RED 2025: New hardware cybersecurity rules reshape wireless device compliance
In the wave of global digitalization and the proliferation of IoT devices, the application scope of wireless equipment has long surpassed...
July 18, 2025 07:00 AM
Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem – Center for Security Studies
This CSS Cyberdefense report by Eugenio Benincasa examines how a core group of red hackers from the 1990s and 2000s laid the groundwork for...
July 10, 2025 07:00 AM
Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands
Schneider Electric's EcoStruxure IT flaws allow remote code execution; CVE-2025-50121 rated CVSS 10.0 impacts global data centers.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Red Eléctrica CyberSecurity History Information
Official Website of Red Eléctrica
The official website of Red Eléctrica is http://www.ree.es.
Red Eléctrica’s AI-Generated Cybersecurity Score
According to Rankiteo, Red Eléctrica’s AI-generated cybersecurity score is 769, reflecting their Fair security posture.
How many security badges does Red Eléctrica’ have ?
According to Rankiteo, Red Eléctrica currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Red Eléctrica have SOC 2 Type 1 certification ?
According to Rankiteo, Red Eléctrica is not certified under SOC 2 Type 1.
Does Red Eléctrica have SOC 2 Type 2 certification ?
According to Rankiteo, Red Eléctrica does not hold a SOC 2 Type 2 certification.
Does Red Eléctrica comply with GDPR ?
According to Rankiteo, Red Eléctrica is not listed as GDPR compliant.
Does Red Eléctrica have PCI DSS certification ?
According to Rankiteo, Red Eléctrica does not currently maintain PCI DSS compliance.
Does Red Eléctrica comply with HIPAA ?
According to Rankiteo, Red Eléctrica is not compliant with HIPAA regulations.
Does Red Eléctrica have ISO 27001 certification ?
According to Rankiteo,Red Eléctrica is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Red Eléctrica
Red Eléctrica operates primarily in the Utilities industry.
Number of Employees at Red Eléctrica
Red Eléctrica employs approximately 1,164 people worldwide.
Subsidiaries Owned by Red Eléctrica
Red Eléctrica presently has no subsidiaries across any sectors.
Red Eléctrica’s LinkedIn Followers
Red Eléctrica’s official LinkedIn profile has approximately 73,174 followers.
NAICS Classification of Red Eléctrica
Red Eléctrica is classified under the NAICS code 22, which corresponds to Utilities.
Red Eléctrica’s Presence on Crunchbase
No, Red Eléctrica does not have a profile on Crunchbase.
Red Eléctrica’s Presence on LinkedIn
Yes, Red Eléctrica maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/ree.
Cybersecurity Incidents Involving Red Eléctrica
As of December 15, 2025, Rankiteo reports that Red Eléctrica has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Red Eléctrica has an estimated 4,199 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Red Eléctrica ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Massive Power Outage on the Iberian Peninsula
Description: On April 28, 2025, a massive power outage plunged almost the entire Iberian Peninsula into darkness when Spain’s national grid operator, Red Eléctrica, experienced a sudden 15-gigawatt drop in generation capacity over five seconds. Nearly 60 million residents across Spain and Portugal were left without electricity, forcing offices, airports, rail and subway services, ATMs and mobile phone networks to shut down. Traffic gridlock ensued, emergency services scrambled to deploy gas-powered generators, and consumers lined up for battery-powered radios. Within hours, Prime Minister Pedro Sánchez announced a special commission to probe potential causes — from grid oscillations and atmospheric anomalies to the possibility of cyber intrusion — while ruling out a shortage of nuclear output. By daybreak, 99% of capacity had been restored, but the economic fallout was severe: commerce halted, supply chains were disrupted, and tourism losses mounted. The unprecedented event exposed vulnerabilities in critical infrastructure, prompting EU officials to call for enhanced cross-border coordination, investment in grid resilience and cybersecurity measures to prevent a recurrence of this landmark disruption.
Date Detected: 2025-04-28
Date Resolved: 2025-04-29
Type: Power Outage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Power Outage REE901042925
Systems Affected: Electrical GridOfficesAirportsRail and Subway ServicesATMsMobile Phone Networks
Downtime: Approximately 12 hours
Operational Impact: Commerce haltedSupply chains disruptedTourism losses
Which entities were affected by each incident ?
Incident : Power Outage REE901042925
Entity Name: Red Eléctrica
Entity Type: National Grid Operator
Industry: Energy
Location: Spain
Customers Affected: 60 million residents across Spain and Portugal
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Power Outage REE901042925
Lessons Learned: Vulnerabilities in critical infrastructure were exposed, prompting EU officials to call for enhanced cross-border coordination, investment in grid resilience and cybersecurity measures to prevent a recurrence of this landmark disruption.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Vulnerabilities in critical infrastructure were exposed, prompting EU officials to call for enhanced cross-border coordination, investment in grid resilience and cybersecurity measures to prevent a recurrence of this landmark disruption.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Power Outage REE901042925
Investigation Status: Special commission announced to probe potential causes
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-04-28.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on 2025-04-29.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Electrical GridOfficesAirportsRail and Subway ServicesATMsMobile Phone Networks.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Vulnerabilities in critical infrastructure were exposed, prompting EU officials to call for enhanced cross-border coordination, investment in grid resilience and cybersecurity measures to prevent a recurrence of this landmark disruption.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Special commission announced to probe potential causes.
.png)
Latest Global CVEs (Not Company-Specific)
Description
NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.
Risk Information
cvss3
Base: 8.1
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Description
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
Risk Information
cvss3
Base: 2.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
Risk Information
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
Description
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
Risk Information
cvss3
Base: 5.8
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=ree' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
