LEAKED Odido data exposes sensitive information, with the post dated 28 February 2026. According to Odido, data from 6.2 million current and former customers was taken, including names, addresses, phone numbers, dates of birth, bank account numbers, and ID numbers, and the attackers claim to have stolen information from over 8 million people and demanded a ransom of more than 1 million euros, threatening to publish 1 million lines of data each day until Odido paid.
The company has refused to pay, and Shinyhunters said it will release more Odido data over the next two weeks if the company does not pay. Odido confirmed it will not pay a ransom. RTL identified detailed internal customer notes in the second batch describing stalking, threats, domestic violence, and protected addresses, a detail reported through NL Times. The post notes that coverage from Dutch outlets has not censored information about the breach, contrasting with other reporting approaches.