Are you an Odido customer? The data of 6.2 million users has been hacked

Dutch telecom giant Odido has confirmed a major data breach affecting potentially 6.2 million customer accounts. Hackers accessed a customer contact system containing names, addresses, phone numbers, bank details, birth dates, and even ID document information.

Odido discovered the breach last weekend and immediately launched an investigation with cybersecurity specialists.

The company has now blocked the hackers’ access and reported the incident to the Autoriteit Persoonsgegevens (the Dutch data protection authority).

Good news: passwords, call records, location data, and billing information weren’t compromised. Odido’s services are still running normally — you can keep calling, texting, and streaming without issues.

Can be resold on criminal marketplaces

“The more a criminal knows about a victim, the easier it is to trick them,” Dave Maasland from cybersecurity firm ESET Nederland tells AD.

He warns that stolen data like this gets resold on criminal marketplaces and can be abused for years, particularly to scam elderly people through fake bank calls.

Tech lawyer Menno Weij calls it “a serious leak, especially for the Netherlands,” when speaking with AD, noting both the scale and the variety of data stolen.

The stolen information hasn’t been published online yet, but Odido can’t guarantee it won’t be in the future.

What to do if you’re a customer

Experts warn that you should watch out for suspicious calls, texts, or emails from people claiming to be from Odido, your bank, or other organisations.

Check links carefully (look for typos and dodgy senders), never share passwords or PIN codes, and verify invoices through your Mijn Odido account before paying.

Odido says that affected customers will receive an email from info@mail.odido.nl within 48 hours. No email? Check your spam folder. Still nothing? You’re probably in the clear.

Are you an Odido customer? Tell us in the comments if you’ve received a notification.