The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers.
The incident, which included an extortion attempt, has raised serious concerns about customer privacy and data security in the telecom sector.
Following the breach, attackers leaked the stolen information online in two separate dumps.
Extent of the Compromised Data
According to haveibeenpwned, the data leak occurred in two phases over consecutive days. The initial release contained 1 million records, exposing 317,000 unique email addresses.
The attackers then followed through on threats to release more information, dumping an additional 1 million records the very next day.
This second release contained another 371,000 unique email addresses.
The exposed information is highly sensitive and comprehensive. According to the attackers’ leak and Odido’s official disclosure notice, the compromised data includes:
- Full names and physical addresses
- Email addresses and phone numbers
- Bank account numbers
- Customer service notes left by operators
- Dates of birth
- Passport and driver’s license numbers
In response to the incident, Odido has published a security disclosure on its website to inform affected customers.
The company is actively investigating the breach to determine its full scope and how the attackers gained access to their systems.
The inclusion of government-issued identification numbers and banking details puts affected customers at a high risk of identity theft and financial fraud.
Given the severity of the exposed information, current and former Odido customers must take immediate protective action.
Users should monitor their bank accounts for suspicious activity and be vigilant against targeted phishing attempts that may use the leaked customer service notes to appear legitimate.
Security experts strongly recommend using a password manager to ensure all online accounts have strong, unique passwords, reducing the risk of credential stuffing attacks if any passwords were part of the breach.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.
