Dutch telecom provider Odido will not pay ransom to hackers who stole millions of customer records earlier this month. Hacker group ShinyHunters therefore published part of the stolen data on the dark web after an ultimatum expired.
Odido was given a deadline by the criminals that runs until this afternoon. They demanded an unknown amount of money to prevent the stolen data from being published. Odido will not comply, the provider confirms. As a result, ShinyHunters has started publishing the data via the dark web.
Exactly how much data has been published remains unclear. Previously, the attackers threatened to release 1 million lines of data every day as long as payment was not made. This includes email addresses, phone numbers, and other privacy-sensitive information.
More than 6 million accounts affected
In the cyberattack reported by Odido two weeks ago, personal data from more than 6 million accounts was stolen. The stolen information includes names, home and email addresses, phone numbers, dates of birth, bank account numbers, and ID numbers.
Yesterday, it became clear that the criminals also have sensitive notes from the customer contact system in their possession. These notes include information such as whether customers are meeting their payment agreements, have an administrator, or have misbehaved. Odido says it was not aware that this additional information had also been stolen.
Notorious collective with a long track record
The attack was carried out by ShinyHunters, a hacker group that has previously caused large-scale data breaches at companies such as concert ticket seller Ticketmaster and porn site Pornhub. The collective has been active since 2020 and has also targeted companies such as Microsoft and Google.
The group is known for using voice phishing and social engineering. At Odido, criminals gained access through employees who were deceived by phone calls in which attackers pretended to be from the IT department.
The police always advise affected companies not to pay ransom. Even after payment, it remains uncertain whether criminals will resell the stolen data or return it in the case of ransomware. In addition, there is a risk that organizations will be blackmailed again. Nevertheless, many companies often pay up after negotiations, according to cybersecurity experts. The Public Prosecution Service has now launched a criminal investigation into the entire matter.