Odido Data Breach: 6.2 Million Customers Affected by Cyberattack

Dutch telecom provider Odido has confirmed a large-scale data breach impacting approximately 6.2 million customers. The incident, which occurred between February 7-8, 2026, compromised personal information including names, addresses, bank account details, and identification document numbers. The hacking group ShinyHunters has claimed responsibility and is demanding a ransom of over 1 million euros to prevent the publication of the stolen data.

Details of the Breach

The unauthorized access targeted a customer contact system used by Odido and its subsidiary, Ben. According to Odido, the stolen data includes:

• Names
• Addresses
• Phone numbers
• Email addresses
• Dates of birth
• Customer numbers
• Bank account numbers
• Passport or driver’s license numbers and validity

Notably, Odido has stated that passwords, call records, and invoice data were not compromised in the attack [SecurityWeek].

Ransom Demand and Investigation

The ShinyHunters group is threatening to publish the stolen data on the dark web if their ransom demand of over 1 million euros is not met by Thursday morning [Reuters]. Odido has not publicly commented on whether they intend to pay the ransom.

The Public Prosecution Service (OM) has launched a criminal investigation into the cyberattack [NL Times]. A spokesperson for the OM confirmed the investigation but declined to provide further details.

Customer Impact and Response

Reports to the Centraal Meldpunt Identiteitsfraude (CMI), the Dutch center for reporting identity fraud, have more than doubled in the week following the announcement of the breach, rising from 245 to 590 reports [NL Times]. Customers are expressing concerns about potential identity fraud and the misuse of their personal information.

Odido has urged customers to be vigilant for suspicious activity, such as phishing emails, and to monitor their accounts for any unauthorized transactions [SecurityWeek]. The company is directly notifying affected users via email or phone.

Ongoing Monitoring and Security Measures

Odido states that it has closed the attackers’ access to its systems and implemented additional security measures. The company is also actively monitoring the web for any publication of the stolen data in collaboration with cybersecurity experts [SecurityWeek].

Key Takeaways

• Approximately 6.2 million Odido customers have had their personal data compromised.
• The ShinyHunters hacking group is demanding a ransom to prevent data publication.
• A criminal investigation is underway by the Dutch Public Prosecution Service.
• Customers should remain vigilant for potential identity theft and fraud.