Odido, a leading Dutch telecom provider, disclosed a major cyberattack that compromised personal data of 6.2 million customers over the February 7-8, 2026 weekend. Attackers infiltrated the customer contact system, exfiltrating sensitive details while sparing passwords, call logs, and billing info.
Incident Overview
The breach targeted Odido’s customer relationship management (CRM) system, granting unauthorized access to records including full names, home addresses, mobile numbers, email addresses, customer IDs, IBAN bank details, dates of birth, and government-issued ID numbers like passports or driver’s licenses.Odido detected the intrusion swiftly, terminated access, and launched a forensic investigation with external cybersecurity experts.As of February 12, no public data leaks or ransomware claims have surfaced, though threat actors reportedly notified the company of the theft.
Odido’s Response and Mitigation
Odido promptly informed the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and began notifying affected customers via email or SMS within 48 hours. The company bolstered security with enhanced monitoring, additional controls, and staff training on cyber threats. Core services—mobile calls, internet, and TV—remained fully operational throughout.
Implications for Cybersecurity
This incident underscores persistent risks to telecom CRM systems, often rich in PII for phishing or identity fraud. For cybersecurity professionals, it highlights the need for robust data segmentation, zero-trust access, and rapid IR playbooks in high-value sectors like telecommunications. Track underground forums for potential data sales or IOCs, as no attribution has emerged yet.
Recommendations for Affected Users
- Monitor for phishing emails or calls impersonating Odido, especially fake invoices or support requests.
- Enable two-factor authentication where possible and freeze credit reports to prevent identity theft.
- Verify communications directly via official Odido channels (e.g., newsroom.odido.nl).
Odido’s transparent handling sets a positive example, but customers should stay vigilant amid rising breach notifications in 2026.
