NVIDIA turned AI factories into grid assets, China published its AI dominance doctrine, and the US military confirmed using Claude in Iran strikes. From energy infrastructure to battlefield targeting, the AI race this week moved well beyond Silicon Valley.
DragonForce ransomware hit Health Management Systems, an Australian healthcare software provider. Hospitals/clinics urged to check vendor security, isolate backups & train staff vs phishing.
A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Dutch telecom Odido confirms major cyberattack breached 6.2 million customers' personal data including names, addresses, bank account numbers details sparking serious identity theft concerns across the Netherlands
Cyber News Centre's cyber update for 13th February 2026: Odido, the largest mobile provider in the Netherlands, has confirmed a major data breach affecting 6.2 million customers after hackers compromised a customer contact system.
Odido, formerly T-Mobile Netherlands, is the largest mobile telecommunications provider in the Netherlands, serving nearly 7 million customers with mobile, fiber, and TV services.
Update: Dutch telecommunications provider Odido has confirmed a significant cyberattack that resulted in the breach of personal data from 6.2 million customer accounts. The incident, which the company detected over the weekend of February 7-8 2026, occurred when attackers infiltrated a customer contact system and downloaded a vast trove of sensitive information.
The compromised data includes customers' full names, addresses, mobile numbers, email addresses, dates of birth, and bank account numbers (IBAN). In some cases, identification data such as passport or driver's license numbers were also exposed. Odido has stated that passwords, call logs, location data, and financial transaction details were not affected. The company was reportedly alerted to the breach by the attackers themselves, who claimed to have stolen millions of records.
While no group has publicly claimed responsibility, Odido has engaged external cybersecurity experts to investigate the incident, strengthened its security controls, and reported the breach to the Dutch Data Protection Authority. The company is in the process of notifying all affected customers via email and has set up a dedicated webpage to provide information and support.
Why it Matters: This massive breach at a major national telecommunications provider underscores the systemic risk facing critical infrastructure globally. For the 6.2 million individuals affected, the exposure of such a wide range of personal and financial data creates a significant and immediate risk of sophisticated phishing campaigns, identity theft, and financial fraud.
The incident serves as a stark reminder for organisations of the cascading consequences of a single system compromise, particularly within customer relationship management (CRM) systems that are often a repository of highly sensitive information.
The fact that the attackers, not internal systems, first alerted Odido to the breach highlights a potential gap in detection capabilities that other large enterprises should urgently review. This event reinforces the necessity for robust, multi-layered security and continuous monitoring, as the reputational and financial fallout from such a large-scale breach can be severe and long-lasting.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
DragonForce ransomware hit Health Management Systems, an Australian healthcare software provider. Hospitals/clinics urged to check vendor security, isolate backups & train staff vs phishing.
A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Google has issued an emergency patch for a high-severity zero-day (CVE-2026-3910) in its V8 JavaScript engine, which is being actively exploited in the wild. The flaw allows arbitrary code execution, posing a significant risk to billions of Chrome users globally, including in Australia.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
