Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Police suspects Dutch hackers were involved in Odido breach

0
Medium
Vulnerability
Published: 07/10/2026 (07/10/2026, 16:37:01 UTC)
Source: Bleeping Computer

Description

In February 2026, the Dutch telecommunications provider Odido suffered a data breach affecting 6.2 million customers. The Dutch National Police found strong indications that Dutch hackers were involved, including evidence of a phishing call impersonating an Odido IT employee. The attackers accessed Odido's customer contact system and stole personal data such as names, addresses, mobile numbers, emails, IBANs, dates of birth, and some identification details. No call, billing, or password data were exposed. The ShinyHunters extortion gang claimed responsibility, releasing an 88GB archive with over 15 million records. ShinyHunters is known for sophisticated phishing and data theft campaigns targeting major organizations worldwide.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/10/2026, 16:47:45 UTC

Technical Analysis

The Odido breach involved unauthorized access to the company's customer contact system, resulting in the theft of personal data for millions of customers. The Dutch National Police investigation revealed strong evidence of Dutch hackers' involvement, including a phishing call to Odido customer service impersonating internal IT staff. The threat actors exploited social engineering to mislead employees and gain access. The ShinyHunters group claimed responsibility, releasing a large data archive on the dark web. This group is linked to multiple high-profile breaches and uses phishing and credential theft to compromise SaaS environments. The breach exposed sensitive personal information but did not include call records, billing data, or passwords.

Potential Impact

The breach compromised personal data of approximately 6.2 million Odido customers, including sensitive identifiers such as full names, addresses, mobile numbers, emails, IBANs, dates of birth, and some passport or driver's license details. This exposure increases the risk of identity theft, phishing, and fraud targeting affected individuals. However, no call details, billing information, or passwords were leaked, limiting the scope of potential misuse. The involvement of a known extortion group (ShinyHunters) suggests potential for further data exploitation or ransom attempts.

Mitigation Recommendations

No official patch or fix applies as this incident resulted from social engineering and unauthorized access rather than a software vulnerability. Organizations should review and strengthen employee training on phishing and social engineering awareness, implement strict verification procedures for internal communications, and monitor for suspicious activity. Odido and similar companies should audit access controls to customer contact systems and consider multi-factor authentication for internal support channels. Customers should be informed about the breach and advised to monitor their accounts for suspicious activity.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Article Source
{"url":"https://www.bleepingcomputer.com/news/security/police-suspects-dutch-hackers-were-involved-in-odido-breach/","fetched":true,"fetchedAt":"2026-07-10T16:47:39.459Z","wordCount":797}

Threat ID: 6a51222b68715ace43dbcf7f

Added to database: 07/10/2026, 16:47:39 UTC

Last enriched: 07/10/2026, 16:47:45 UTC

Last updated: 07/10/2026, 16:47:45 UTC

Views: 1

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses