Odido doesn't pay, hackers start publishing stolen data
Telecom company Odido said it won't pay a ransom to the hackers who stole million of its customers data.
Published on February 26, 2026
© Odido
Team IO+ selects and features the most important news stories on innovation and technology, carefully curated by our editors.
Telecom company Odido is refusing to pay a ransom to hackers who stole the personal data of over 6 million customers. As a result, the cybercriminal group 'ShinyHunters' published part of the stolen customer data on the dark web today, the public broadcaster NOS reports.
There is no clarity over the quantity of data that was leaked to the dark web - a hidden part of the Internet. Hackers previously said that, if today's deadline wasn't met, they would publish 1 million lines of data, such as addresses and telephone numbers, per day.
A spokesperson for Odido stated that the company's priority is the safety of its customers and that it has decided against negotiating with the hackers, following the advice of consultants and government agencies.
Odido data breach
The telecom provider has acknowledged that personal data from over 6 million accounts was compromised in the breach that occurred between February 7th and 8th, 2026. This stolen data includes names, addresses, phone numbers, email addresses, dates of birth, customer numbers, bank account numbers, and passport/driver's license details. Furthermore, sensitive information regarding customer interactions, including notes on payment agreements and personal circumstances, was also accessed.
The NOS also said it received some of the stolen data from the criminals as proof of their breach.
Investigation and impact
The Public Prosecutor's Office has launched a criminal investigation into the cyberattack. Reports of identity fraud have more than doubled in the past week, with 590 confirmed cases related to the Odido breach reported to the Central Identity Fraud Reporting Point (CMI).
ShinyHunters, the group responsible for the attack, has previously stolen data from Ticketmaster and Pornhub. They initially claimed to have accessed 21 million customer records, a figure significantly higher than Odido's reported 6.2 million.
Odido has offered affected customers a two-year subscription to F-Secure security software as a compensatory measure. However, security experts argue that this offer does little to protect against the exposure of immutable data, such as dates of birth or customer notes [2]. Law enforcement agencies generally advise against paying ransoms to hackers, as it is uncertain whether the data will be returned, and there is a risk of further extortion attempts.