In early February 2026, Dutch telecommunications provider Odido (formerly part of T-Mobile Netherlands) confirmed that it had been the target of a significant cyberattack affecting its customer contact systems. The company, which serves millions of mobile and fixed-internet customers across the Netherlands, responded quickly by shutting down unauthorized access and notifying regulators and affected users.

Details of the Incident

According to Odido’s official statement, cybercriminals gained unauthorized access to a customer contacts database used to communicate with subscribers. This resulted in the potential exposure of personal information for a large number of customers. The types of data involved may include:

• Full name and address
• Mobile phone number
• Customer number
• Email address
• Bank account number (IBAN)
• Date of birth
• Identity document numbers and expiration dates

Importantly, the breach did not involve passwords, call histories, billing data, or location information. Odido emphasized that its core network services—including mobile, internet and TV—remain fully operational and secure for customers.

How Odido Is Responding

Odido has taken several steps to address the incident responsibly:

• Immediate containment: The unauthorized access point was promptly shut down once identified.
• External expertise: Cybersecurity specialists were engaged to support further investigation and reinforce defenses.
• Customer notifications: Affected customers are being notified directly by email or SMS from the address [email protected].
• Regulatory reporting: The breach was reported to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), as required by law.
• Ongoing monitoring: Odido is actively monitoring for any signs of misuse of the exposed data.

The telecom provider also emphasizes transparency by maintaining a dedicated information page on its website where customers can find updates and answers to frequently asked questions about the incident.

What Customers Should Do

Even if your account wasn’t directly affected, Odido recommends heightened vigilance. Cybercriminals often use leaked personal information to craft targeted scams, including:

• Phishing emails or text messages, impersonating Odido or other trusted institutions
• Fraudulent phone calls asking for further personal or financial data
• Fake invoices demanding payment for services you didn’t request

Customers are advised to:

• Be cautious about unsolicited communications
• Avoid clicking links from unknown senders
• Never share passwords or PIN codes
• Verify suspicious messages with the official Odido website or your bank

Security Beyond This Incident

Odido offers several security tools and features designed to protect users on a daily basis, such as:

• Safe online browsing and anti-phishing protection, which helps block malicious sites and deceptive content.
• “Extra Veilig Online”, a service that guards mobile devices against viruses, spyware and other threats on the network.
• Home network security products that automatically protect devices connected to the home modem.
• Educational resources to help customers recognize scams and protect themselves online.

These services, combined with internal security measures and ongoing vigilance, are part of Odido’s broader approach to safeguarding customer data and maintaining trust.