Cybercriminals leaked over 1 million customer records from the Dutch telecom company Odido after their extortion attempt failed. The group ShinyHunters took responsibility for the attack, which resulted in data being released in two waves on February 25 and 26, 2026. The breach affected 688,100 accounts, exposing names, addresses, bank details, and IDs.
Odido confirmed the breach in an official notice on February 27. “We regret this incident. Not all records show full details, but some include passports, licenses, birth dates, and bank info,”
ShinyHunters released 1 million records with 317,000 unique emails initially, followed by another million and 371,000 emails on day two. They asked for ransom, but Odido declined. The data was then posted on BreachForums.
“We have nothing to add to that,” the Shinyhunters hackers respond to RTL Nieuws. “Enjoy the daily data breaches in the coming days! More sensitive data will appear every day.”
Leaked Data Types
| Data Field | Risk Level | Notes |
|---|---|---|
| Full names, addresses | High | Targets for phishing |
| Phone, email | High | Spam, scams |
| Bank account numbers | Critical | Direct fraud |
| DOB, passports, licenses | Critical | ID theft |
| Internal support notes | Medium | Social engineering |
Odido customers with accounts created before 2026 should take urgent precautions:
Monitor bank accounts for unauthorized transactions
Be alert to phishing emails or suspicious calls impersonating Odido or financial institutions
Consider placing a fraud alert with their bank
Check their exposure via the HIBP platform at haveibeenpwned.com
Update passwords and enable multi-factor authentication on linked accounts
Recently, Google’s Threat Intelligence Group, Mandiant, and their partners disrupted a global espionage campaign linked to a suspected Chinese threat actor UNC2814. This group used SaaS API calls to disguise malicious traffic in attacks against telecom and government networks globally.
The campaign has been ongoing since 2023 and has affected 53 organizations across 42 countries, with potential infections in at least 20 additional countries.
InfoSecBulletin Cybersecurity for mankind
