Dutch phone giant Odido says millions of customers affected by data breach

Odido, a prominent Dutch telecommunications provider, has announced that a significant data breach has compromised the information of millions of its customers. In a statement released on Thursday, the company revealed that an unknown group of hackers gained unauthorized access to its customer contact system, leading to the illicit download of extensive customer data. The breach impacts over 6.2 million individuals, which represents roughly one-third of the Netherlands' population. The compromised information includes a range of personal details such as customer names, phone numbers, email addresses, postal addresses, dates of birth, and even bank account numbers (IBANs). Additionally, details regarding government-issued IDs, including passports and driver's licenses along with their validity dates, were also exposed. It's important to note that former customers who utilized Odido's services within the last two years may also be at risk. However, the company has assured that sensitive data like customer call records, location details, billing information, and scans of government IDs were not included in the breach. Business clients of Odido have been confirmed as unaffected by this incident. The breach impacts both Odido and its subsidiary, Ben NL, though the companies reported that their telephone, internet, and television services remain operational and secure. This incident is part of a troubling trend of data breaches targeting telecommunications companies, as hackers and government entities increasingly seek access to confidential customer information. Just days prior, the Singaporean government disclosed that a hacking group linked to China had infiltrated four major telecommunication firms in the country as part of a broader surveillance strategy, although no customer data was compromised in that instance. Meanwhile, the threat group known as Salt Typhoon, believed to be state-sponsored, has executed cyberattacks on numerous phone companies worldwide, including those in Canada, Norway, the UK, and the US, as part of an ongoing campaign to gather intelligence on government officials and diplomats.