A significant data breach at Odido, a leading telecom provider in the Netherlands, has resulted in the release of over one million customer records online. The breach occurred after a failed extortion attempt by cybercriminals in February 2026.
Cybercriminal Group ShinyHunters Implicated
The attack is attributed to the notorious cyber group, ShinyHunters. Initially, they leaked around one million records, including 317,000 unique email addresses. The attackers warned of further leaks if their demands were not met, leading to a subsequent release of another million records with an additional 371,000 unique email addresses.
Overall, approximately 688,100 Odido customer accounts, both current and former, were affected by this breach, compromising sensitive personal data.
Sensitive Data Compromised
The leaked information includes a vast array of personally identifiable and financial details. This dataset contains full names, physical addresses, phone numbers, email addresses, bank account numbers, dates of birth, and even passport and driver’s license numbers. Additionally, internal comments from Odido’s customer service were also exposed.
With such sensitive data at risk, affected individuals face increased dangers of financial fraud, identity theft, and targeted phishing attacks.
Odido’s Response and Customer Guidance
Odido has acknowledged the breach through an official notice on its website, advising customers on potential threats. The company clarified that not every compromised record includes the full range of sensitive data. However, certain users might have had their passport details, driver’s license numbers, and birth dates exposed alongside contact and financial information.
The breach was recorded in the Have I Been Pwned (HIBP) database on February 26, 2026, allowing customers to verify if their data was compromised. Odido advises customers, especially those with accounts before 2026, to take precautionary measures such as monitoring bank accounts for unauthorized activities, being vigilant against phishing attempts, placing fraud alerts with banks, checking exposure via HIBP, updating passwords, and enabling multi-factor authentication.
This incident highlights the ongoing risks telecom companies face from extortion-based cyberattacks, given their access to extensive customer data.
Stay updated with daily cybersecurity news by following us on Google News, LinkedIn, and X. Get in touch to feature your stories.
