Case Study: Major European-Based Energy Company achieves uninterrupted customer access and preserves infrastructure with Imperva Account Takeover Protection

Major European-Based Energy Company Safeguards customer access and preserves infrastructure resources with Imperva Account Takeover Protection

A major European energy company that generates and distributes power — including renewables, EV charging and solar solutions — faced sophisticated account takeover attacks against its login endpoints. Millions of low-and-slow credential-stuffing requests, distributed across thousands of IPs and designed to evade rate limits and traditional WAF rules, overwhelmed infrastructure and forced teams to spend days chasing attacks while risking customer access.

To respond, the company expanded its Imperva deployment with Account Takeover Protection tightly integrated into Cloud WAF. The out-of-the-box, multilayered solution was deployed across five sites in 30–60 minutes each, immediately blocking malicious logins close to the source. It mitigated a three-day assault of 22.5 million requests (peaking at 75,000 blocked in five minutes) with no false positives, preserving customer access, reducing infrastructure strain, and strengthening the company’s security posture.