ShellCodeX Breach Report
Odido Data Breach
odido.nl
Verified breach
Accounts exposed
6,077,025
Breach date
12 Feb 2026
Added to tracker
26 Feb 2026
Data classes
11
What happened
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, a total of 6M unique email addresses were published across four separate data releases over consecutive days. The exposed data includes names, physical addresses, phone numbers, bank account numbers, dates of birth, customer service notes and passport, driverβs licence and European national ID numbers. Odido has published a disclosure notice including an FAQ to support affected customers.
Exposed data
Bank account numbers
Customer service records
Dates of birth
Driver's licenses
Email addresses
Genders
Government issued IDs
Names
Passport numbers
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing Odido β attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk β consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP