Hackers have gained access to private information from telecom firm Odido’s 6.2 million accounts, the company confirmed on Thursday. Odido subsidiary Ben has also warned its clients that their data may have been stolen.
The information accessed includes full names, addresses, phone numbers, email addresses, bank account details, dates of birth and passport or ID card numbers, Odido said.
The breach involves “personal information from Odido’s client contact system” and does not include passwords, phone usage data, billing details or scans of identification documents.
The hack was discovered last weekend and immediately reported to the AP privacy watchdog.
“The unauthorised access to the system was ended as quickly as possible,” Odido said in a statement. “In addition, Odido has brought in cybersecurity experts to implement additional security measures in response to this incident.”
NOS tech reporter Stan Hulsen said the data obtained is “very interesting” to criminals and could be used, for example, to send fake payment demands for unpaid invoices.
It is unclear whether all Odido customers are affected and the company has declined to say whether it is being pressured or blackmailed by the hackers, tech website Tweakers reported.
In the meantime, both Ben and Odido has urged customers to be alert to emails and text messages purporting to come from Odido, their bank or other organisations. In particular, customers should check phone numbers and the email addresses of senders.
