Odido Data Breach Exposes 1 Million Records After Cyberattack

Odido Data Breach Exposes 1 Million Records After Cyberattack

Posted on By CWS

A significant data breach at Odido, a leading telecom provider in the Netherlands, has resulted in the release of over one million customer records online. The breach occurred after a failed extortion attempt by cybercriminals in February 2026.

Cybercriminal Group ShinyHunters Implicated

The attack is attributed to the notorious cyber group, ShinyHunters. Initially, they leaked around one million records, including 317,000 unique email addresses. The attackers warned of further leaks if their demands were not met, leading to a subsequent release of another million records with an additional 371,000 unique email addresses.

Overall, approximately 688,100 Odido customer accounts, both current and former, were affected by this breach, compromising sensitive personal data.

Sensitive Data Compromised

The leaked information includes a vast array of personally identifiable and financial details. This dataset contains full names, physical addresses, phone numbers, email addresses, bank account numbers, dates of birth, and even passport and driver’s license numbers. Additionally, internal comments from Odido’s customer service were also exposed.

With such sensitive data at risk, affected individuals face increased dangers of financial fraud, identity theft, and targeted phishing attacks.

Odido’s Response and Customer Guidance

Odido has acknowledged the breach through an official notice on its website, advising customers on potential threats. The company clarified that not every compromised record includes the full range of sensitive data. However, certain users might have had their passport details, driver’s license numbers, and birth dates exposed alongside contact and financial information.

The breach was recorded in the Have I Been Pwned (HIBP) database on February 26, 2026, allowing customers to verify if their data was compromised. Odido advises customers, especially those with accounts before 2026, to take precautionary measures such as monitoring bank accounts for unauthorized activities, being vigilant against phishing attempts, placing fraud alerts with banks, checking exposure via HIBP, updating passwords, and enabling multi-factor authentication.

This incident highlights the ongoing risks telecom companies face from extortion-based cyberattacks, given their access to extensive customer data.

Stay updated with daily cybersecurity news by following us on Google News, LinkedIn, and X. Get in touch to feature your stories.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

MSBuild Exploited for Stealth Fileless Windows Attacks MSBuild Exploited for Stealth Fileless Windows Attacks Cyber Security News
Keenadu Malware Threatens Android Devices via Firmware Keenadu Malware Threatens Android Devices via Firmware Cyber Security News
Threat Actors Weaponizing RMM Tools to Take Control of The Machine and Steal Data Threat Actors Weaponizing RMM Tools to Take Control of The Machine and Steal Data Cyber Security News
ACSC Warns Of Sonicwall Access Control Vulnerability Actively Exploited In Attacks ACSC Warns Of Sonicwall Access Control Vulnerability Actively Exploited In Attacks Cyber Security News
RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second Cyber Security News
Hackers Using Malicious Imageless QR Codes to Render Phishing Attack Via HTML Table Hackers Using Malicious Imageless QR Codes to Render Phishing Attack Via HTML Table Cyber Security News