​​New scams emerging as leaked Odido data pops up on social media

Now that the hackers behind the Odido data breach have leaked the entire stolen data set, the data of some 6.2 million Dutch people is available on the dark web. The stolen data is also popping up on social media, NOS reports. Cybercriminals are taking advantage of the situation, and Odido customers can expect many scams in the coming period.

Statistics from the data are being shared on X, and multiple websites have been created with the data, where visitors can check for themselves if their data is in the leak.

The dataset contains sensitive information like addresses, passport numbers, and banking details - a goldmine of information for criminals committing phishing scams, doxing, or identity fraud.

“By accessing it, you increase the damage to people who are already victims of the hack,” a spokesperson for the Public Prosecution Service (OM) told NOS, adding that downloading, using, and distributing stolen data is a criminal offense.

“There is also a significant risk that data will be shared further and that it will end up in many more places,” the spokesperson said. This increases the risk of the data being misused.

RTL Nieuws received multiple reports of a new Odido-linked scam. Cybercriminals posing as Odido customer service are calling victims of the data leak and, using the pretext of compensation and damages, try to trick people into giving them access to their bank accounts.

The call starts with an AI voice saying: “Good afternoon, Odido customer services. We’ve been experiencing a lot of problems lately. If you receive this call, you can receive compensation or claim damages.”

People who stay on the line then get a person on the phone, pretending to be an Odido customer service worker. They then try to convince the victim to give them access to their computer or bank account.

Two weeks ago, there was also a fake website where you could join a fake mass claim against Odido if you paid €50. Odido customers can expect more fraud attempts in the coming period.

The website Have I Been Pwned, where you can check if your data has been leaked, has now added the full Odido data breach. Founder Tory Hunt told RTL that the site has been accessed almost 2 million times by Dutch people in recent days.