Odido data hackers demand ransom in "final warning"
xlaura / Shutterstock.com
By Simone Jacobs
The cybercriminal group Shinyhunters, which claimed responsibility for the Odido data breach, has threatened to publish the stolen data of 8 million customers if the Dutch internet provider fails to pay the ransom by Thursday, February 26.
Odido hackers threaten to publish stolen data
Earlier this month, Odido was targeted by a cyberattack that allowed cybercriminals to access personal data of 6,2 million account holders, including names, phone numbers, IBANs (bank account numbers) and passport numbers. This was considered one of the largest ever data breaches in the Netherlands.
Shinyhunters has now claimed responsibility for the cyberattack on their dark website, and is demanding a “low seven-figure” ransom, reports RTL Nieuws. The cybercriminal group claims to have the data of 8 million customers, instead of the 6,2 million that Odido previously reported, as well as passwords which the internet provider had said were not affected.
The hackers are threatening to post the stolen data on the dark web if Odido does not pay the ransom by Thursday. “This is a final warning to come back to our chat and finish what we set out to do before we leak along with several annoying (digital) problems that’ll come your way,” the group wrote.
Cybercriminals previously hacked Ticketmaster
An Odido spokesperson maintains that the criminals do not have access to customers’ “passwords”, but rather other identification tools such as security questions. "To identify yourself when you call Odido as a customer, some customers have a verification word," the spokesperson told NOS.
Customers of Odido should continue to be alert and suspicious of unusual activity, as the internet company “cannot rule out the possibility of misuse of your data”.
This isn’t the first time that Shinyhunters has struck. The cybercriminal group is also known for the data theft at Ticketmaster back in 2024 when hundreds of millions of customer data were stolen, as well as other cyberattacks at Microsoft, Jaguar and Louis Vuitton.
The hackers are believed to have gained access to Odido data via the accounts of customer service workers after obtaining passwords through phishing.
Never miss a thing!Sign up for our weekly newsletters with important news stories, expat events and special offers.
Editor for the Netherlands at IamExpat Media. Simone studied Genetics and Zoology at the University of Pretoria in South Africa before moving to the Netherlands, where she has been working as a writer and editor since 2022. One thing she loves more than creating content is consuming it, mainly by reading books by the dozen. Other than being a book dragon, she is also a nature lover and enjoys hiking and animal training.Read more