The Odido data breach is now claimed by the ShinyHunters extortion gang, who allege to have stolen millions of user records from the Dutch telecommunications provider. Odido, a major player in the Netherlands’ telecom sector, disclosed the initial breach on February 12th, 2026, revealing that unauthorized access to their customer contact system occurred on February 7th.
According to Odido, exposed information varies, potentially including full names, addresses, mobile numbers, email addresses, IBANs, dates of birth, and some identification details. The company insists that no Mijn Odido passwords, call details, location data, billing data, or scans of identity documents were compromised. The company notified the Dutch Data Protection Authority and brought in cybersecurity experts.
ShinyHunters Claims Responsibility
While Odido has not officially attributed the attack, ShinyHunters has added the company to their dark web leak site, asserting they possess nearly 21 million records. The stolen Odido data breach allegedly includes internal corporate data and plaintext passwords, a claim Odido denies. ShinyHunters issued a warning to Odido, demanding they resume negotiations or face further leaks and digital disruptions.
“This is a final warning to come back to our chat and finish what we set out to do before we leak along with several annoying (digital) problems that’ll come your way,”
However, Odido maintains that no passwords, call details, social security numbers, or billing data were involved. This is not the first attack that ShinyHunters has been associated with. They have been linked to incidents at Panera Bread, Betterment, SoundCloud, Canada Goose, PornHub, and Match Group.
ShinyHunters’ Modus Operandi
ShinyHunters has employed sophisticated techniques such as voice phishing (vishing) attacks targeting single sign-on (SSO) accounts at major tech companies like Google, Microsoft, and Okta. They impersonate IT support staff to trick employees into divulging credentials and multi-factor authentication (MFA) codes on phishing sites. They have also been reported to use device code vishing to obtain Microsoft Entra authentication tokens.
Once they gain access to SSO accounts, they can breach connected enterprise services like Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Adobe, Atlassian, Zendesk, and Dropbox.
Impact on Financial Sector and Consumers
The Odido data breach, if the ShinyHunters’ claims are accurate, poses a related Fraudulents news significant risk to consumers. The exposed personal information could be used for identity theft, phishing scams, and other fraudulent activities. The incident also highlights the growing threat of cyberattacks targeting telecommunications companies, which hold vast amounts of sensitive customer data.
Financial institutions are also at risk, as the exposed IBAN numbers could be used to commit financial fraud. Consumers should remain vigilant, monitor their accounts for suspicious activity, and change their passwords regularly.
The ongoing investigation will hopefully reveal the full extent of the breach and help prevent similar incidents in the future. Investors should be aware of the potential financial impact of data breaches on companies like Odido, including reputational damage, legal costs, and regulatory fines.
Source: BleepingComputer




