Odido Data Breach: 6.2 Million Customers Exposed in Major Cyberattack

A massive data breach at Odido, one of the Netherlands’ largest telecommunications providers, has exposed the personal information of 6.2 million customers after hackers infiltrated the company’s systems and stole millions of sensitive records.

The breach, which came to light on February 12, 2026, occurred when attackers gained unauthorized access to Odido’s customer contact system on February 7. While the company maintains that no passwords, call details, billing data, or identity document scans were compromised, the exposed information still represents a significant security failure with potentially serious consequences for affected customers.

What Information Was Stolen?

According to Odido’s disclosure, the compromised data varies by customer but may include a combination of:

• Full names and residential addresses
• Mobile phone numbers
• Customer identification numbers
• Email addresses
• IBAN bank account numbers
• Dates of birth
• Partial identification details (passport or driver’s license numbers and validity periods)

The company acted quickly to contain the breach, blocking the attackers’ access, notifying the Dutch Data Protection Authority, and engaging external cybersecurity experts to manage the incident response.

ShinyHunters Claims Responsibility

The notorious ShinyHunters extortion gang has now publicly claimed responsibility for the attack, adding Odido to their dark web leak site. The group asserts they’ve stolen nearly 21 million records from the telecom giant’s systems—a figure significantly higher than the 6.2 million customers Odido initially reported as affected.

What makes this breach particularly concerning is ShinyHunters’ claim that the stolen data includes not only customer information but also internal corporate data and plaintext passwords. If true, this would represent a far more severe compromise than Odido has acknowledged.

In a menacing message posted on their leak site, ShinyHunters warned: “This is a final warning to come back to our chat and finish what we set out to do before we leak along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline. You know where to find us.”

Odido has firmly denied these additional claims, with a company spokesperson telling BleepingComputer that “no passwords, call details, social security numbers, or billing data are involved.” However, the company’s reluctance to provide details about the breach attribution or potential ransom demands has raised questions about the full scope of the attack.

ShinyHunters’ Expanding Criminal Empire

This attack is just the latest in a wave of high-profile breaches attributed to ShinyHunters in recent weeks. The group has claimed responsibility for attacks on major companies including:

• Panera Bread (51 million accounts)
• Betterment (14 million accounts)
• SoundCloud (298 million accounts)
• Canada Goose
• PornHub
• Match Group (owner of Tinder, Hinge, OkCupid, and other dating platforms)

What makes ShinyHunters particularly dangerous is their sophisticated attack methodology. The group has been linked to voice phishing (vishing) attacks that target employees’ single sign-on (SSO) accounts at major platforms like Google, Microsoft, and Okta. In these attacks, criminals impersonate IT support staff and trick employees into entering credentials and multi-factor authentication codes on convincing phishing sites.

Recently, ShinyHunters has adopted even more advanced techniques, including device code vishing attacks that abuse the OAuth 2.0 device authorization grant flow to obtain Microsoft Entra authentication tokens. Once they compromise SSO accounts, they can pivot to access a wide range of connected enterprise services including Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Adobe, and many others.

The Growing Threat Landscape

This breach highlights the escalating threat that organized cybercrime groups pose to critical infrastructure and large corporations. Telecommunications companies like Odido are particularly attractive targets because they hold vast amounts of personal data about millions of customers.

The fact that ShinyHunters was able to penetrate Odido’s defenses and extract millions of records demonstrates that even well-resourced companies with presumably robust security measures remain vulnerable to determined attackers using sophisticated social engineering techniques.

For the 6.2 million affected Odido customers, this breach means their personal information—including potentially sensitive financial data like IBAN numbers—may now be in the hands of criminals who could use it for identity theft, financial fraud, or sell it on dark web marketplaces.

As the investigation continues, questions remain about how ShinyHunters initially gained access to Odido’s systems, whether any ransom was demanded or paid, and what additional data may have been compromised beyond what’s been publicly disclosed. What’s clear is that this breach represents one of the most significant cybersecurity incidents in the Netherlands in recent years, with potential ramifications for millions of citizens.

Tags

OdidoBreach #DataBreach #CyberAttack #ShinyHunters #Netherlands #TelecomHack #DataTheft #CustomerData #Cybersecurity #Hacking #Extortion #DigitalCrime #InformationSecurity #PrivacyBreach #CorporateHack

OracionesVirales

“6.2 million customers exposed in massive telecom hack”
“ShinyHunters claims 21 million records stolen from Odido”
“Plaintext passwords allegedly taken in Dutch telecom breach”
“Cybercriminals target single sign-on accounts with vishing”
“Telecommunications giant compromised in sophisticated attack”
“Millions of Dutch citizens’ data now in criminal hands”
“Voice phishing techniques defeat multi-factor authentication”
“Critical infrastructure under siege from organized crime”
“Personal data including bank details stolen from telecom”
“Dark web leak site threatens to dump millions of records”
“Corporate espionage or criminal profit? The ShinyHunters mystery”
“Social engineering bypasses even robust security measures”
“Telecom breach exposes sensitive customer identification data”
“Cyberattack wave continues as hackers target major corporations”
“Digital identity theft risk skyrockets after massive breach”

OracionesViralesAlternativas

“Odido customers beware: your personal data may be for sale”
“21 million records? Telecom company understates breach impact”
“Voice phishing: how scammers trick employees into giving up access”
“From PornHub to Tinder: ShinyHunters’ expanding victim list”
“Bank account numbers, addresses, and birth dates now with hackers”
“Device code vishing: The new frontier in cybercrime”
“Critical question: Did Odido pay ransom to cybercriminals?”
“Telecommunications backbone compromised by sophisticated attackers”
“Your phone company failed to protect your most sensitive data”
“Dark web marketplace about to get flooded with Dutch customer records”
“Social engineering: The Achilles’ heel of corporate cybersecurity”
“Multi-factor authentication bypassed through clever deception”
“6.2 million people now at risk of identity theft and fraud”
“Corporate negligence or inevitable outcome in modern cyberwarfare?”
“From dating apps to telecom giants: No company is safe from ShinyHunters”

,