A brand new information breach involving Dutch telecom supplier Odido and its funds model Ben has drawn consideration after the ShinyHunters hacker group claimed to have stolen hundreds of thousands of buyer data. Whereas the attackers say delicate information from roughly 21 million data is in danger, the corporate states that key account credentials and repair operations stay unaffected.
ShinyHunters printed the allegation on its darkish net leak website final week, together with a message pressuring the corporate to return to negotiations. In response to the put up seen by Hackread.com, the stolen data consists of names, addresses, electronic mail accounts, telephone numbers, IBAN financial institution particulars, and identification information reminiscent of passport and driver’s license numbers. The risk actors declare they’ll launch the information publicly if their calls for aren’t met.
Odido Confirms Cyber Assault
In a safety advisory printed earlier as we speak, Odido confirmed it skilled a cyberattack and acknowledged that buyer information from a contact administration system was accessed with out authorization.
The corporate stated its investigation is ongoing and that exterior cybersecurity specialists are helping with containment and evaluation. In response to its official replace, operational providers, together with cellular connectivity, web entry, and tv, stay unaffected.
“Virtually 21 million data containing Full Names, Bodily addresses, electronic mail addresses, telephone numbers, and plaintext passwords, IBANs, passport numbers, driver’s license numbers, and different inner company information have been compromised. This can be a last warning to come back again to our chat by Thursday this week and end what we got down to do earlier than we leak together with a number of annoying (digital) issues that’ll come your method. Make the fitting determination, don’t be the subsequent headline. the place to search out us.”
ShinyHunters
The distinction between the attackers’ claims and the corporate’s statements present an early part frequent in breach investigations. ShinyHunters claims that plaintext passwords and inner company data have been included within the stolen information, whereas Odido says no passwords, name particulars, billing data, or location information have been uncovered. The corporate added that scans of id paperwork weren’t accessed.
Early indicators recommend the information breach was detected throughout the weekend of February 7 and eight, when uncommon exercise triggered inner alerts. Odido stated unauthorized entry was terminated rapidly after discovery, adopted by extra safety controls and elevated monitoring throughout affected programs. The incident has been reported to the Dutch Information Safety Authority, and impacted clients acquired notification by way of electronic mail or SMS.
Though the corporate stresses that not all clients have been affected, it acknowledged that uncovered information could embrace private identifiers reminiscent of full identify, deal with, contact data, date of start, checking account quantity, and identification doc numbers.
One of these information is usually utilized in phishing and impersonation scams, which is why the corporate advises clients to confirm surprising calls, keep away from suspicious hyperlinks, and thoroughly assessment invoices or monetary requests.
ShinyHunters and Hacking Spree
The ShinyHunters group has spent years breaching firms and publishing stolen information, however over the previous 12 months, its operations have grown extra aggressive and coordinated. A January 2026 report detailed how the group focused greater than 100 firms worldwide by utilizing phone-based social engineering to bypass Single Signal On (SSO) protections.
That very same technique enabled the attackers to steal and leak hundreds of thousands of person data from firms, together with SoundCloud, Crunchbase, and Betterment. The group claims it nonetheless holds information from tons of of extra organizations and has warned that extra leaks will comply with if its calls for are ignored.
Nonetheless, as investigations proceed, the incident provides to a rising variety of telecom sector breaches the place attackers focus much less on service disruption and extra on harvesting private data. The end result will rely on whether or not the claims of large-scale information theft are verified and whether or not the attackers comply with by on their threats to publish the information.
