ShinyHunters Allegedly Claim Breach of 21 Million Records from Odido

The infamous cybercriminal collective ShinyHunters has taken credit for a significant data breach that targeted the Dutch telecom provider Odido and its BEN brand. The incident appears to be far more serious than previously reported, as the group ShinyHunters claims to have stolen 21 million records from 8 million customers. This purported breach exposed extremely sensitive data.

Alleged Exposure of Sensitive Data The claims state that plaintext passwords are among the compromised data, a serious security lapse that has caused a great deal of online indignation. Additionally, the following is said to be included in the stolen data: Type of Exposed Data Numbers on passports Numbers on driver's licenses Global Bank IBANs, or account numbers Household addresses Email addresses Internal company records Source code for the company ShinyHunters made it clear that Odido "lied about their disclosure," suggesting that the business minimized the seriousness or extent of the first incident. The public's concerns about Odido's transparency and handling of the breach have been heightened by this accusation.

Customers and security experts have been alarmed by the disclosure of plaintext passwords in particular because it shows a serious breach in fundamental data security procedures.

Users are extremely vulnerable to account takeover and credential-stuffing attacks on various platforms when they store passwords without encryption or hashing. For the impacted customers, the inclusion of government-issued identification numbers and banking information greatly raises the risk of identity theft and financial fraud. Learn more Solutions for cloud security Cybersecurity Teams Odido's corporate security and intellectual property are also seriously threatened by the possible release of internal documents and source code, according to a recent International Cyber Digest announcement on X. Malicious actors may find more weaknesses in the organization's infrastructure if they examine the source code.

The public has responded quickly and harshly.

The purported storage of plaintext passwords and Odido's purported lack of transparency have infuriated and shocked social media users. The company's data retention policies have also drawn criticism from users who wonder why information from previous clients is still kept on file. The situation is still a developing security crisis even though Odido has not yet publicly confirmed the specific details that ShinyHunters have claimed.

The potential scope and sensitivity of the compromised data underscore the persistent threat posed by highly skilled cybercriminal organizations and the vital necessity of strong data security protocols in the telecom industry. Odido will probably face severe regulatory scrutiny and serious reputational harm if these allegations are confirmed. X, LinkedIn, and LinkedIn for daily ZeroOwl. To have your stories featured, get in touch with us.