ShinyHunters, a hacker group that claimed responsibility for the breach of Dutch telecom provider Odido, published the remaining stolen customer data, abandoning plans to release it in installments.
The dataset contains information on about 6.5 million individuals and 600,000 companies, national broadcaster NOS reports. According to their analysis, it includes over 5 million unique ID numbers, such as driver's licenses and passports, as well as residence permits, including the ones belonging to diplomats.
The files also contain customers' dates of birth, bank account numbers, phone numbers, and email addresses. For about 71,000 people, the email address of a guardian or a court-appointed administrator is also listed, and for more than 44,000 individuals, there are customer service notes. Such notes may contain sensitive information related to misconduct or fraud.
ShinyHunters said they will not publish all of Odido's data as "it's not relevant," although the group indicated it would keep it "for their own use."
ShinyHunters breached Odido’s customer relationship management system earlier in February, exposing nearly all of the company’s 7 million customers.
The gang demanded a ransom payment from Odido, threatening to publish leaked data if the payment wasn’t made. The original demand was for around €1 million, but it later dropped to €500,000.
Odido publicly refused to pay.
"Odido came to the decision not to engage in negotiations with these criminals or submit to their attempts at blackmail," the company said in a statement.
At the end of February, hackers started leaking Odido records to force the company to pay a ransom. Cybernews researchers said the leaked dataset contained full names, physical addresses, phone numbers, and email addresses, although it also included duplicate entries and inactive user profiles.
“Day 2 leak is here. After tomorrow (day 3), we will start publishing 2 million records per day. This is because of the recent Odido’s stance on not paying a ransom,” the attackers said at the time.
On their dark web site, the hackers said that "recent developments" led them to publish the remaining data, although they didn’t clarify what those developments were. They also refused to provide more details on that to NOS.
Your email address will not be published. Required fields are markedmarked