Odoo Employee Database Allegedly Leaked by Insider, For Sale on Dark Web

A 63.4MB database, purportedly containing sensitive employee information from the business management software company Odoo, is allegedly being offered for sale on a dark web forum. The seller claims the data was obtained via a “collaborative effort with a senior insider” from Odoo.

Odoo is a prominent Belgian company that provides a suite of open-source business applications, including customer relationship management (CRM), e-commerce, accounting, inventory management, project management, and human resources software. Their products are utilized by millions of users worldwide, ranging from small businesses to large enterprises, making employee data a valuable target. The alleged breach, if confirmed, could expose a significant amount of personal and professional information belonging to Odoo’s workforce.

The cybercriminal is asking for $25,000 in Monero (XMR) or Bitcoin (BTC) for the database. The advertisement details the types of information allegedly included in the compromised data:

• Unique identifiers (id, odoo_id, odoo_employee_id, emp_number, uniq_id)
• Employee profiles (full_name, email, password, mobile, image)
• Job roles and hierarchies (position_id, role_id, odoo_leave_manager_id, attendance_type_id, status_id, user_type_id)
• Authentication details (remember_t)
• Geolocation data (longitude_check_in, latitude_check_in, check_in_location_from_google_map, check_out_location_from_google_map)
• Additional attributes (email_verified_at, mobile_verified_at, is_time_off_hr, work_time_type, send_auth_code_first_time, work_phone, leave_manager_id)

The authenticity of the data and the seller’s claims are yet to be officially verified. However, the detailed nature of the listed data points raises serious concerns about the potential exposure of Odoo employees’ sensitive information.