ODIDO has confirmed a massive breach affecting 6.2 million customer accounts, with attackers able to access names, addresses, phone numbers, email addresses, bank account details, dates of birth, and passport or ID numbers. The company said passwords, call logs, location data, invoices, and scans of ID documents were not exposed, and that the unauthorised access was terminated as quickly as possible. Odido engaged external cybersecurity experts to help strengthen security measures in response to the incident.
The breach was discovered last weekend and reported to the Dutch privacy watchdog, with the subsidiary Ben warning customers that their information may have been stolen. Odido operates in the Netherlands, serving around 8 million mobile subscribers and about 1 million fixed broadband customers. The article, dated 12 February 2026, notes that the company urges customers to remain vigilant for suspicious activity and to verify unexpected communications directly with the company. according to SecurityAffairs