CYBERCRIME group ShinyHunters has leaked what appears to be the full Odido dataset, the Netherlands’ large mobile network operator, after Odido disclosed a breach in mid-February affecting 6.2 million accounts. The breach originally exposed names, addresses, phone numbers, email addresses, bank details, dates of birth and ID numbers, with a company notice stating that passwords, call logs or billing information were not affected.
A later dump allegedly added 4.6 million more unique email addresses, bringing the total to 6.1 million across four separate releases, a development highlighted by Have I Been Pwned which added the compromised dataset to its archive. Odido serves around 8 million mobile subscribers and about 1 million fixed broadband customers, with the group claiming the final release contains over 15 million Salesforce records including full names, addresses, emails, phone numbers, and various government IDs.
ShinyHunters’ message on its Tor data leak site promises ongoing daily leaks no longer, and criticises Odido for the breach as the dataset is published. The Odido incident has been framed as the largest data leak in the Netherlands’ history, with warnings that personal data from former and current customers has been exposed. 1 March 2026.