No one expects to start their day hearing that millions of customer records have been stolen, ransom demands have been made, and private information is now circulating on the dark web. But that’s precisely what Odido faced in February 2026.
If you’re a customer – or even a former one – it’s natural to feel anxious. Data breaches aren’t just ‘technical incidents’; they affect real people, their finances and their safety. So let’s walk through what exactly happened, what’s now on the dark web, and what practical steps you should take today.
What happened: a massive cyberattack on Odido
A cybercriminal group called ShinyHunters managed to break into Odido’s systems, stealing the personal data of at least 6 million customers. The hackers even claim the real number could be higher, closer to 8 million.
What Odido says may have been exposed
According to Odido, the attackers may have accessed a wide range of personal details. This includes:
- Your full name
- Your home address
- Your mobile phone number
- Your customer or account number
- The email address you use for your Odido services
- Your IBAN (bank account number)
- Your date of birth
- Certain identification details, such as your passport or driver’s license number, along with the document’s validity period
- Notes made on your account by Odido customer services, e.g. about having trouble to pay your bill
These pieces of information can potentially be used for identity theft or targeted scams, which is why extra caution is important.
What was not stolen
Odido has also confirmed that several sensitive categories of data were not part of the breach, including:
- Your ‘My Odido’ account password
- Your call history
- Location or tracking information
- Billing or payment records
- Uploaded identity document scans (such as photos of passports or IDs)
This means the hackers did not obtain login credentials or digital copies of identity documents – an important layer of protection.
Ransom demand and dark web release
ShinyHunters tried to force Odido into paying more than €1 million to stop them from leaking the stolen data. Odido didn’t give in. After talking with cybersecurity experts and the Dutch police, the company decided that paying ransom wasn’t a safe or useful option. Experts warned that even if Odido paid, there was no guarantee the hackers would delete the stolen information; and paying could encourage more attacks in the future. So, Odido chose not to negotiate. In response, the hackers went ahead and started publishing the stolen customer data on the dark web.
What should you do?
Even if you’re unsure whether your data was leaked, these quick steps can help you stay safer online.
- Be careful with unexpected messages
Scammers may use stolen information to make emails or texts look real. Don’t click suspicious links, and don’t share personal details unless you’re sure who you’re talking to. If something feels off, check through the company’s official website or app.
- Turn on bank alerts
Since IBAN numbers were part of the leak, turn on transaction notifications, check your statements often, and report anything strange right away.
- Watch for identity fraud
Some leaks included passport or driver’s licence numbers, so stay alert for letters or emails about loans or accounts you didn’t open. Contact your bank or credit agency if something seems wrong.
- Secure your phone number
Add a PIN or extra security with your mobile provider to avoid SIM‑swapping, and be alert if your phone suddenly loses service.
- Use free security tools if offered
Odido is giving affected customers 24 months of free digital security monitoring; activate it if you’re eligible.
Written by Parul Sachdeva