Criminals had access to a file containing the data of 6.2 million accounts.
A cyberattack is a deliberate attempt to gain unauthorized access to a computer system or network, often with the goal of stealing, altering, or destroying data. These attacks can be carried out by individuals, organized crime groups, or even state-sponsored actors, and they can lead to significant financial losses and data breaches.
[ NU.nl ]
Data of millions of Odido customers leaked after major cyberattack
Today: Telecom provider Odido has been hit by a cyberattack. Data from 6.2 million customer accounts has been leaked…
[ AD.nl ]
Data of millions of Odido customers leaked in cyberattack: names…
Today: A cyberattack at telecom provider Odido has leaked personal data from 6.2 million accounts.
[ NOS.nl ]
Cyberattack at Odido, data from millions of customers compromised…
Telecom provider Odido has been hit by a major cyberattack. Criminals had access to a file containing the data of 6.2 million accounts, an Odido spokesperson told the…
[ RTL.nl ]
Odido hit by cyberattack, personal data from millions of accounts…
Odido has been hit by a cyberattack. Hackers have stolen the data of millions of customers.
[ newsroom.odido.nl ]
Odido informs customers about cyberattack
Odido has been hit by a cyberattack, in which customer data has been compromised. Odido deeply regrets this situation…
[ Android Planet ]
Major hack at Odido: data of millions of customers stolen
Telecom provider Odido has been the victim of a major cyberattack. The data of millions of customers has been stolen.
[ Androidworld ]
Odido customers affected by cyberattack: millions of data…
Following a cyberattack at provider Odido, the customer data of as many as 6.2 million customers has likely been stolen.
[ Draadbreuk.nl ]
Millions of Odido customers affected by large-scale cyberattack
Odido has been hit by a massive cyberattack in which the data of 6.2 million customers has been accessed. Read here what exactly was leaked and what you should do.
[ Hart van Nederland ]
Data of millions of Odido customers leaked in cyberattack
A cyberattack at Odido has leaked personal data from 6.2 million accounts, including names and bank account numbers.
[ Libelle ]
Odido hit by cyberattack: what it means for you…
***
NOS News • today, 1:11 PM • Updated today 12 Feb 2026, 3:51 PM
Hack at Odido, data of millions of customers in the hands of criminals
Telecom provider Odido has been hit by a major cyberattack. Criminals gained access to a file containing the data of 6.2 million accounts, an Odido spokesperson told NOS.
The system also contained data from customers of Ben, which is part of Odido. This does not apply to customers of Simpel, another brand of the provider.
The customer data includes full name, address and city, telephone number, customer number, email address, account number, date of birth, and the numbers and validity dates of identification documents such as passports or driver’s licenses. The data leaked may vary per customer.
“This concerns personal data from a customer contact system used by Odido. No passwords, call logs, or billing information were involved,” the telecom provider wrote.
According to Odido, the breach was discovered last weekend. The telecom provider then launched an investigation with cybersecurity experts.
Tech editor Stan Hulsen: “This kind of data is interesting to criminals. They can contact you with your email address and phone number. And if they also use your name, address, date of birth, and customer number, they can create a much more convincing message to scam you. For example, that your last invoice hasn’t been paid. It’s important to always be alert to this.
We don’t know who stole the data, nor what they’re doing with it now. It’s also unclear how many people’s data was actually stolen. Odido says there were over 6 million accounts in the system, but that doesn’t automatically mean everyone’s data was actually stolen.”
According to the company, the stolen data has not been published online. Odido cannot rule out the possibility that the data will be made public in the future. “We advise all customers to be extra vigilant for suspicious activity or unexpected contact,” the company writes.
Odido declined to say whether it was pressured or blackmailed by the hackers. On the advice of our experts, we are not currently making any statements about the possible identity or background of the attacker.
Odido’s services were not affected; customers can continue to make calls, use the internet, and watch TV.
Odido has reported the incident to the Dutch Data Protection Authority (AP), which is aware of the data breach. The supervisory authority is monitoring whether Odido is taking sufficient steps to address the situation. According to a spokesperson, it is important that customers are informed quickly and as completely as possible. Customers who have been affected will receive an email from the company within the next 48 hours.
What can you do as a customer, according to Odido?
– Be extra vigilant for unexpected phone calls, text messages, WhatsApp messages, or emails.
– Change your passwords if you prefer, although this is not necessary as no passwords have been leaked.
In this special, we explain, using five levels of detail, how a hacker can access your “digital fingerprint.” It starts off quite innocently, but the higher the level, the more dangerous such a burglary is.
***
https://app.nos.nl/shorthand/data-diefstal/index.html
Data theft – The vulnerability of your digital fingerprint
The number of data thefts by cybercriminals will almost double by 2024, according to figures from the Dutch Data Protection Authority (DPA).
It happens in varying degrees. Hackers obtain more personal data in some cases than in others. But it quickly affects millions of people.
We’ll explain the hacker’s search for your digital fingerprint using five levels. Level 1 is relatively harmless, but the higher the levels, the more dangerous a hacker’s loot becomes.
First, the three options a hacker has if personal data is stolen in a cyberattack:
– Blackmail the company whose data was stolen with a ransom.
– Defraud the people whose data they have obtained.
– Or offer the dataset to other scammers on the dark web.
And that’s precisely where you don’t want your fingerprint to be. The risk of identity theft and fraud therefore increases dramatically.
According to the Dutch Data Protection Authority, everyone should assume that personal data has already been leaked or that this could happen again.
People who have been victims of data theft can report to the Fraud Help Desk. Based on these reports, we explain at each level what a criminal can do with the stolen data.
A cybercriminal can strike with just basic information. This was also the case with the following victim.
Woman, 25 years old – Damage €7,530
The victim was contacted via WhatsApp for a supposed work-from-home job at a well-known company. Initially, this was supposed to involve social media tasks. Later, money had to be transferred to foreign accounts with the promise of a profit. Increasingly, more investments were required to recover the money at the end of the “working day,” which ultimately turned out to be false. Total damage: €7,530.
The data is being supplemented with email addresses from a subsequent hack. If these are placed on the dark web, cybercriminals gradually learn more about you.
This is valuable for criminals, because it allows them to better personalize phishing emails, for example. This also happened to the following victim.
Man, age unknown – Damage €9,000
A man received a fake email from the Chamber of Commerce about a foundation at his address and entered some information, including his account number. Shortly after, he received a call from a fake employee from a bank’s fraud department, who said there had been suspicious activity on his foundation’s account. The payment could only be stopped if he cooperated. After this, he had to log in to a bank website that appeared to be fake. When he entered his code, €9,000 suddenly disappeared.
With the combination of stolen data and cunning tricks, your trust can quickly be gained.
Hackers learn even more by breaking into websites where people have accounts. This allows them to steal the database containing the passwords.
A criminal could then, for example, order items through your account. Or trick you with the order you placed yourself.
Man 65+ – Damage €20,000
The victim received a call from an employee of a large online store. There was supposedly a problem with an order for his speaker system. He had indeed ordered it, and it was true that the order had been delayed. The employee told him that his account had been hacked and that an expensive iPhone and crypto had been ordered. To secure his money, he had to download a program and transfer his balance to it. He lost €20,000.
Even though many accounts now require countless requirements for a strong password, it still often happens that people reuse that strong password in different places. And are therefore vulnerable.
It is recommended to enable two-step verification on accounts, where possible, for extra security.
Credit card details and bank account numbers can also be obtained from a data hack.
If credit card information is known, purchases or loans can be taken out in your name, for example.
A bank account number can be used by a criminal to impersonate a bank, as the following victim also discovered.
Woman, 28 – Damage €57,000
Someone received a text message from her bank with her information. It had to be verified. Shortly afterward, she received a call from a fake bank employee. They told her that a suspicious transaction to Belgium had been blocked and whether she had received a text message from the bank that week. She should never have trusted them. To resolve this, she had to follow the instructions, which included logging in and out of the bank. After the call became very pushy, she hung up. The damage was already done; she had lost €57,000.
The hack where highly personal and sensitive information is stolen.
The recent hack at the laboratory in Rijswijk is one such dangerous hack. Complete sets of data from thousands of people were stolen.
In one fell swoop, a hacker knows almost all personal data. Moreover, this also involves highly sensitive medical information, something popular on the dark web and therefore of interest to criminals.
In the case of the Rijswijk hack, the hackers not only obtained patient addresses, but also citizen service numbers (BSNs), the names of their health insurers and healthcare providers, and information about requested medical examinations.
With this data, a hacker can instantly create your digital fingerprint. With this data, highly specific phishing emails can be created, almost indistinguishable from the real thing.
With knowledge of your medical situation, criminals can also pose as, for example, your doctor:
“Your appointment next Tuesday at 2 p.m. needs to be rescheduled. We need additional information for this.”
Or your health insurer:
“There’s a problem with your policy details regarding your skin treatment. Would you like to log in via this link?”
Or a government agency like the Tax and Customs Administration:
“We need to check your healthcare allowance due to new medical information.”
Half of all Dutch people experience attempted fraud every year. One in six people actually falls victim to fraud and loses money as a result.
The Dutch Data Protection Authority and the Fraud Help Desk advise to always pay close attention to the sender of messages or emails and never to share sensitive information by phone. Use a two-step login if possible.
They also advise victims of a data breach to change their passwords. People who are certain their data has been misused can report it to the Central Reporting Point for Identity Fraud.
Colofon
Editors: Isa Huizing
Design: Thijs Geritz
Editors: Margot Oosterwechel
[ info processed via google – s. guraziu, sky division ]