Odido Telecom Suffers Cyberattack – 6.2 Million Customer Accounts Affected

Odido Telecom, a leading Dutch telecommunications provider, confirmed on February 12, 2026, that hackers accessed personal data from 6.2 million customer accounts in a major cyberattack.

The breach, detected over the February 7-8 weekend, has raised alarms about phishing risks despite no disruption to services.

Hackers infiltrated Odido’s customer relationship management system, downloading sensitive information before the company blocked unauthorized access.

A spokesperson told NU.nl and NOS that the attackers themselves alerted Odido, claiming possession of millions of records. No ransomware group has claimed responsibility, and as of February 12, the data has not surfaced online or on the dark web.

The incident affects a significant portion of Odido’s customer base, which includes mobile, internet, and TV services for consumers and businesses.

Odido, owned by Apax Partners and Warburg Pincus, emphasized that core operations remain unaffected and that customers can continue to call, browse, and stream uninterrupted.

Odido Telecom Suffers Cyberattack

Exposed information includes full names, addresses, mobile numbers, customer numbers, email addresses, IBAN bank account numbers, dates of birth, and government ID details like passport or driver’s license numbers. Critically, passwords for the “My Odido” portal, call logs, location data, invoice details, and ID document scans were not compromised.

Odido is notifying affected customers via email from [email protected] or SMS within 48 hours, detailing individual impacts. The company has reported the breach to the Dutch Data Protection Authority (AP), complying with EU regulations.

Odido swiftly engaged external cybersecurity experts to bolster defenses, enhance monitoring, and raise staff awareness. CEO Søren Abildgaard stated: “We deeply regret this incident and are fully committed to limiting its impact and providing our customers with all necessary support.” A dedicated webpage offers updates, FAQs, and self-protection tips.

The breach underscores telecom vulnerabilities, as attackers exploited a customer contact database. Odido assures that no access to private contacts or location tracking occurred post-breach.

Cybercriminals could use the data for impersonation scams, fake invoices, or phishing attacks posing as Odido, banks, or others. Customers should scrutinize unsolicited calls, emails, or texts, checking sender domains, typos, or verifying numbers via official sites.

Advice includes never sharing passwords/PINs, confirming caller identities independently, and reviewing invoices only via “My Odido.” While not every breach leads to misuse, vigilance is key amid rising attacks.

Odido vows stronger measures to prevent recurrences, but experts note the scale of 6.2 million records amplifies identity theft potential. As FAQs evolve on Odido’s site, customers are urged to monitor for updates.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.