Dutch police link local hackers to Odido telecom breach
Dutch National Police announced strong indications that Dutch hackers were involved in the February 2026 breach of telecom provider Odido. Attackers used vishing/phishing to access a customer contact system, stealing personal data of 6.2 million customers. ShinyHunters previously claimed responsibility and leaked a large archive of records.
On February 10, 2026, attackers gained access to Odido’s customer contact system through vishing and phishing, stealing the personal data of 6.2 million customers. The exposed information includes names, addresses, phone numbers, email addresses, IBAN bank details, dates of birth, and ID card information. Dutch National Police have now stated there are strong indications that local Dutch hackers played a central role in the breach.
Confirmed Facts from Reporting
Public reporting indicates the attackers first used social-engineering techniques to compromise an internal contact system at Odido, a major Dutch telecommunications provider. Once inside, they exfiltrated a large volume of customer records. ShinyHunters later claimed responsibility and published a substantial archive of the stolen data. The Dutch National Police announced on July 10, 2026, that their investigation points to Dutch nationals as the primary perpetrators. Available reporting describes the breach as one of the largest involving a Dutch telecom company in recent years.
Why This Matters for You and Your Family
If you or anyone in your household has ever had a mobile or broadband contract with Odido, your full contact details, date of birth, bank account numbers, and ID information may now be circulating among criminals. 6.2 million affected customers means the odds are high that your family is exposed. Criminals can combine this data with information from other breaches to open accounts in your name, request new SIM cards, or target you with convincing fraud calls. Children’s records are often included in household accounts, putting their information at risk as well.
The Doxxing and Identity-Chain Implications
A breach of this scale rarely stops at one database. Names, addresses, phone numbers, and email addresses become the foundation for doxxing chains that link your online handles, gaming accounts, and family members’ profiles. Once criminals map these connections, they can impersonate you across services, hijack accounts that reuse the same credentials, or sell the full identity package on underground markets. Credential leaks like this one frequently cascade into gaming account takeovers, especially for children’s profiles tied to the same household address and payment details.
ShinyHunters’ Publicly Known Track Record
Public reporting attributes the initial claim of responsibility to the group known as ShinyHunters. The group first gained notoriety around 2020 and has since targeted numerous consumer-facing companies, including other telecoms, retailers, and gaming platforms. Their typical playbook involves initial access through phishing or vishing, followed by rapid exfiltration of customer databases and public leaks or extortion demands. In many cases they release samples of the data to pressure victims before dumping larger archives.
What to do
- Run a DoxxScan to map every link between your emails, phone numbers, addresses, and online handles so you can see the full identity chain criminals could build from the Odido data.
- Rotate the password you used for your Odido account anywhere it is reused, and switch on two-factor authentication with an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak exposing you or your family is caught within hours instead of months.
- Cover the entire household with DoxxScan family protection, which includes children’s gaming accounts that often chain back to the same address and leaked contact details.
- Let DoxxScan’s remediation specialists handle takedown requests for any data-broker listings that surface from this breach.
The Odido breach shows how quickly a single telecom incident can expose millions of households to long-term identity abuse. Taking concrete steps now limits how far criminals can travel down the identity chain created by this leak. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts. Start protecting your family before the next wave of fraud begins.
Related breaches
Match Group (Tinder, Hinge, OkCupid) Data Breach — January 2026
ShinyHunters claimed responsibility for stealing over 10 million Match Group user records in early 2…
Everest ransomware claims breach of Liberty Mutual insurance data
The Everest ransomware group listed Liberty Mutual on its leak site, claiming theft of over 100 GB o…
Instructure Canvas LMS suffers massive data theft affecting 275M users
Education technology company Instructure confirmed a breach of its Canvas learning management system…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →