CRITICAL SEVERITYTelecom

Odido Data Breach

Name: Odido Data Breach
Creator: ObscureIQ
Published: 2026-02-01
License: https://obscureiq.com/licensing/data-breach-dataset

Verified by ObscureIQ Intelligence

X in f @

10.0Severity

6.1MRecords

11Data Fields

2026Year

Impact & Downstream Threats

This breach carries critical risk due to the nature of exposed data fields and the scale of affected records.

Primary downstream threats:

Financial fraud using exposed financial profile data
Identity theft and synthetic identity construction using government-issued IDs
Identity verification bypass using name + date of birth combination
SIM swap attacks where phone numbers are present
Targeted phishing campaigns using exposed email addresses
Doxxing risk from physical address exposure

Breach Intelligence

EntityOdido

OrganizationPrivate Company • Netherlands

Breach DateFebruary 2026

DisclosureFebruary 2026

Records Exposed~6.1M

Attack VectorMisconfiguration

SourceHave I Been Pwned / DataBreach.com / ObscureIQ intelligence

StatusConfirmed

Executive Summary

In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, a total of 6M unique email addresses were published across four separate data releases over consecutive days. The exposed data includes names, physical addresses, phone numbers, bank account numbers, dates of birth, customer service notes and passport, driver’s licence and European national ID numbers. Odido has published a disclosure notice including an FAQ to support affected customers.

About Odido

Dutch telecommunications provider for mobile, broadband, and TV services.

Private CompanyNetherlandsodido.nl

Data Points Exposed

Verified fields in the released dataset:

Dates of birth

Email addresses

Full names

Gender

Government-issued IDs

Phone numbers

Physical addresses

Dark Web Verification

Status: Confirmed

Dataset containing approximately 6.1M records identified in breach intelligence sources.
The data is indexed and searchable across breach notification platforms.

Recommended Actions

⚠️ Do not assume this is low sensitivity.

Freeze Your Credit

Place a credit freeze with Equifax, Experian, and TransUnion.

Expect Targeted Phishing

Watch for emails referencing this breach. Verify communications through official channels.

Secure Email & Enable MFA

Email compromise is often the first pivot point. Enable multi-factor authentication.

Monitor Financial Accounts

Watch for unauthorized credit applications and suspicious activity.

Check Your Exposure

ObscureIQ clients: this breach is indexed in your profile.
Non-clients may request a breach impact review.

Frequently Asked Questions

What happened in the Odido data breach?▾

In February 2026, Odido experienced a data breach that exposed approximately 6.1M records containing personal information.

What data was exposed?▾

The exposed data includes fields such as bank account number, customer service records:customer service comment, date of birth, drivers license, email address.

How many records were affected?▾

Approximately 6.1M records were affected based on current breach intelligence.