Home > Security > Security News

Odido Data Breach Exposes Almost 690,000 Telecom Customer Accounts

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Telecom Tower - Server - Data
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google
Key Takeaways
  • Massive Data Exposure: A significant data breach at the Dutch telecom provider Odido in February 2026 exposed millions of customer records.
  • Attribution and Extortion: The ShinyHunters hacking group has claimed responsibility, demanding a ransom and threatening to leak data daily until paid.
  • Sensitive Data Compromised: The leaked information includes names, addresses, phone numbers, bank account details, and potentially passport numbers.

Dutch telecommunications firm Odido has confirmed that it was the target of a major data breach and subsequent extortion attempt in February 2026, resulting in a substantial customer data leak that compromised millions of records. On February 26, breach notification service Have I Been Pwned (HIBP) added 688,102 breached accounts to its database.

ShinyHunters claimed responsibility for the Dutch telecom hack and began publishing customer data on the dark web after Odido refused to negotiate or pay a ransom.

ShinyHunters Cyberattack and Data Publication

Odido said cybercriminals gained unauthorized access to a customer contact system on February 7, estimating the initial leak was approximately six million records. The ShinyHunters cyberattack escalated when the group began releasing the stolen data in stages, threatening to publish one million lines worth of customer data per day, National broadcaster NOS reported today.

ShinyHunters first Odido dataset leak announcement | Source: Darknetsearch
ShinyHunters first Odido dataset leak announcement | Source: Darknetsearch

HIBP said the first batch contained 317,000 unique email addresses, and the attackers followed through on their threats to release more data, publishing another million records (of an alleged 21-million set) with 371,000 additional unique email addresses the next day.

ShinyHunters warning posted on the dark web | Source: Cybernews
ShinyHunters warning posted on the dark web | Source: Cybernews

The compromised data is highly sensitive, as the HIBP dataset contains:

Odido Data Breach Cybersecurity Implications

Following the Odido data breach disclosure, the company “came to the decision not to engage in negotiations with these criminals or submit to their attempts at blackmail," the company said in a statement cited by Reuters. The public refusal to pay the ransom aligns with official law enforcement advice. 

Reuters reported that this attack is one of the largest data breaches in the Netherlands' history, affecting a significant portion of the company's customer base, which formerly operated as T-Mobile's Dutch arm.

This month, cyberattacks on Singapore telecom companies Singtel, StarHub, M1, and Simba Telecom were linked to the UNC3886 cyberespionage group, and China-nexus espionage APT UAT-7290 targeted telecom infrastructure in South Asia.

Add a Comment
Related
Skull formed by binary code in a red background with floating binary code
UAT-10027 Leverages ‘Dohdoor’ Backdoor and Cobalt Strike Against US Education and Healthcare
Europol building
The Com: Europol's Project Compass Reports First Results with 30 Arrests and Over 170 Identifications
Man behind bars with handcuffs
Intellexa Executives Sentenced in Predator Spyware Scandal Targeting 90+ Individuals in Greece, Including Politicians, Journalists
CISCO
Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning 
Control Room - Screens - Worl Map - Hackers - Personnel
Moscow Man Charged in Extortion of Conti Ransomware Gang via Federal Security Service Impersonation
Claude Code Critical Flaws Allowed RCE and API Token Theft: AI Development Security Risks Exposed
Most Popular
Skull formed by binary code in a red background with floating binary code
UAT-10027 Leverages ‘Dohdoor’ Backdoor and Cobalt Strike Against US Education and Healthcare
Europol building
The Com: Europol's Project Compass Reports First Results with 30 Arrests and Over 170 Identifications
Man behind bars with handcuffs
Intellexa Executives Sentenced in Predator Spyware Scandal Targeting 90+ Individuals in Greece, Including Politicians, Journalists
CISCO
Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning 
Control Room - Screens - Worl Map - Hackers - Personnel
Moscow Man Charged in Extortion of Conti Ransomware Gang via Federal Security Service Impersonation
Claude Code Critical Flaws Allowed RCE and API Token Theft: AI Development Security Risks Exposed
UAT-10027 Leverages ‘Dohdoor’ Backdoor and Cobalt Strike Against US Education and Healthcare
The Com: Europol's Project Compass Reports First Results with 30 Arrests and Over 170 Identifications
Intellexa Executives Sentenced in Predator Spyware Scandal Targeting 90+ Individuals in Greece, Including Politicians, Journalists
Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning 
Moscow Man Charged in Extortion of Conti Ransomware Gang via Federal Security Service Impersonation
Claude Code Critical Flaws Allowed RCE and API Token Theft: AI Development Security Risks Exposed

Most Popular
Skull formed by binary code in a red background with floating binary code
UAT-10027 Leverages ‘Dohdoor’ Backdoor and Cobalt Strike Against US Education and Healthcare
Europol building
The Com: Europol's Project Compass Reports First Results with 30 Arrests and Over 170 Identifications
Man behind bars with handcuffs
Intellexa Executives Sentenced in Predator Spyware Scandal Targeting 90+ Individuals in Greece, Including Politicians, Journalists
CISCO
Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning 
Control Room - Screens - Worl Map - Hackers - Personnel
Moscow Man Charged in Extortion of Conti Ransomware Gang via Federal Security Service Impersonation
Claude Code Critical Flaws Allowed RCE and API Token Theft: AI Development Security Risks Exposed
UAT-10027 Leverages ‘Dohdoor’ Backdoor and Cobalt Strike Against US Education and Healthcare
The Com: Europol's Project Compass Reports First Results with 30 Arrests and Over 170 Identifications
Intellexa Executives Sentenced in Predator Spyware Scandal Targeting 90+ Individuals in Greece, Including Politicians, Journalists
Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning 
Moscow Man Charged in Extortion of Conti Ransomware Gang via Federal Security Service Impersonation
Claude Code Critical Flaws Allowed RCE and API Token Theft: AI Development Security Risks Exposed

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: