Dutch telecom Odido confirms major cyberattack breached 6.2 million customers' personal data including names, addresses, bank account numbers details sparking serious identity theft concerns across the Netherlands
Australian firm FIIG Securities has been ordered to pay a $2.5 million penalty by the Federal Court following ASIC action over significant cybersecurity failures that led to a major data breach in 2023. The landmark case sets a new precedent for cyber resilience obligations for AFS licensees.
Artificial Labs has raised $45M in Series B funding to expand its AI-driven underwriting platform across global insurance markets. Backed by CommerzVentures, the London insurtech aims to modernise specialty insurance through automation, data intelligence, and scalable digital trading.
Dutch telecom Odido confirms major cyberattack breached 6.2 million customers' personal data including names, addresses, bank account numbers details sparking serious identity theft concerns across the Netherlands
Cyber News Centre's cyber update for 13th February 2026: Odido, the largest mobile provider in the Netherlands, has confirmed a major data breach affecting 6.2 million customers after hackers compromised a customer contact system.
Odido, formerly T-Mobile Netherlands, is the largest mobile telecommunications provider in the Netherlands, serving nearly 7 million customers with mobile, fiber, and TV services.
Update: Dutch telecommunications provider Odido has confirmed a significant cyberattack that resulted in the breach of personal data from 6.2 million customer accounts. The incident, which the company detected over the weekend of February 7-8 2026, occurred when attackers infiltrated a customer contact system and downloaded a vast trove of sensitive information.
The compromised data includes customers' full names, addresses, mobile numbers, email addresses, dates of birth, and bank account numbers (IBAN). In some cases, identification data such as passport or driver's license numbers were also exposed. Odido has stated that passwords, call logs, location data, and financial transaction details were not affected. The company was reportedly alerted to the breach by the attackers themselves, who claimed to have stolen millions of records.
While no group has publicly claimed responsibility, Odido has engaged external cybersecurity experts to investigate the incident, strengthened its security controls, and reported the breach to the Dutch Data Protection Authority. The company is in the process of notifying all affected customers via email and has set up a dedicated webpage to provide information and support.
Why it Matters: This massive breach at a major national telecommunications provider underscores the systemic risk facing critical infrastructure globally. For the 6.2 million individuals affected, the exposure of such a wide range of personal and financial data creates a significant and immediate risk of sophisticated phishing campaigns, identity theft, and financial fraud.
The incident serves as a stark reminder for organisations of the cascading consequences of a single system compromise, particularly within customer relationship management (CRM) systems that are often a repository of highly sensitive information.
The fact that the attackers, not internal systems, first alerted Odido to the breach highlights a potential gap in detection capabilities that other large enterprises should urgently review. This event reinforces the necessity for robust, multi-layered security and continuous monitoring, as the reputational and financial fallout from such a large-scale breach can be severe and long-lasting.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Australian firm FIIG Securities has been ordered to pay a $2.5 million penalty by the Federal Court following ASIC action over significant cybersecurity failures that led to a major data breach in 2023. The landmark case sets a new precedent for cyber resilience obligations for AFS licensees.
Victoria's largest not-for-profit private hospital group, Epworth HealthCare, has been targeted by a fake ransomware group known as 0APT. The group claims to have stolen 920GB of patient data, but evidence suggests it is a bluff designed to extort money through psychological warfare.
A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
German insurance major HanseMerkur has been targeted by the Russia-aligned Dragonforce ransomware gang, which claims to have stolen 97GB of data. The attack on the €3 billion firm highlights the escalating threat of ransomware to the global financial services and insurance sectors.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
