ODIDO , the Dutch mobile phone carrier, disclosed a data breach impacting the personal information of over 6 million customers. The incident occurred on 7–8 February and involved unauthorized access to a customer contact system, affecting customers of Odido and its subsidiary Ben. Hackers stole details including names, addresses, phone numbers, email addresses, dates of birth, customer numbers, bank account numbers, and passport or driver’s licence numbers and validity.
Odido said its services were not impacted and that no passwords, call records, or invoice data were compromised. It immediately closed the attackers’ access, implemented additional security measures, and notified the relevant authorities; affected users are being contacted directly by email or phone. Not all users were affected, with local media reporting roughly 6.2 million impacted, and Odido noted it cannot rule out leaked data being published or misused in the future. According to Odido’s incident notice, the company has not named a threat actor and no known extortion group has claimed responsibility.