Odido has one major data breach in which personal data of more than 6 million customers was stolen. The leaked data includes names, addresses, telephone numbers, email addresses, IBAN numbers, dates of birth and sometimes passport or driver’s license information.
This stolen data increases it risk of phishingidentity fraud, SIM swapping and false invoices or phone calls from criminals pretending to be Odido or a bank. Specific personal information may make them appear credible, but that is not true. Have you been affected by a data breach at Odido? Then beware of these types of scams.
What you should do as a user
Be extra alert to suspicious emails, texts, apps or calls with typos, unknown senders or urgent requests for data – don’t click links or provide PINs or passwords. Always check invoices via My Odido, hang up if in doubt and call back via official numbers. If you have opened a suspicious link: change passwords (start with email and bank), report to Fraud Helpdesk (088-7867372) and report it to the police.
Beware of these scams
If your data has fallen into the hands of criminals, it is wise to be extra vigilant in the near future. You may be approached by malicious parties who try to obtain more information from you or to make you pay for false invoices.
Suspicious messages and calls
Cyber ​​criminals can try to contact you with your name, address, telephone number, email address and account number, pretending to be someone from Odido, your bank or another organization. Therefore, always stay alert to these types of phone calls, text messages, apps or emails.
Do you receive an unexpected call from an unknown number? An employee from your bank or another company may actually call. Verify this by asking the caller for his/her first and last name and for the company’s main phone number. If in doubt, you can indicate that you first want to verify whether the person is really an employee and then hang up. Then go to the company’s website to check if the number is correct. If the number is correct, call yourself and ask for the employee who called you.
Phishing via links
Be careful when opening links in emails, texts and apps. You can often recognize a suspicious email, text message or app by typos and unknown senders. Check the phone number. Or what comes after the ‘@’ sign of an email address. For example, odido always sends with @mail.odido.nl or @odido.nl.
By clicking on these fraudulent links, you can enter a so-called trusted environment where you can enter even more personal information, such as your password. After this, the criminals can start working with this data, and the consequences are less rosy.
Never share your password or PIN code
No company will ever ask you for your password, PIN or full verification codes. Only scammers use various excuses to obtain this personal information. Since a lot of personal data has been leaked, a criminal may try to gain your trust by sharing this information with you. This may feel confidential, but be wary. Never share your password or PIN, because no company will ever ask for it.
Fraudulent invoices
Always be vigilant when receiving invoices. Cybercriminals can exploit the situation by sending fake invoices that appear to be issued by Odido or other parties. Therefore, always thoroughly check the origin and accuracy of every invoice received before making payment. For example, you can always view an invoice from Odido in My Odido. If in doubt, always contact the company, find the contact details yourself and do not use the information provided in the invoice or email.
Fake website for damage claim
Be careful: scammers use the Odido data breach with a fake website. Victims receive emails that direct them to www.odidoschaden.nl, where they have to pay 50 euros for a damage claim. The site appears to offer help, but is a scam – criminals are trying to take advantage of the situation, the Consumers’ Association warns. Always check the sender and URL of suspicious emails or sites, and never pay for claims in advance. Odido provides official information on their safety page at no extra cost.
Switch to another provider
Have you lost confidence in Odido? Then you can switch to another provider. However, it is important to realize that the incident does not provide legal grounds for a free termination of your contract. If your contract is still running, you will have to wait until it expires or terminate it early, which may be accompanied by a fine. If the Dutch Data Protection Authority determines that Odido is seriously deficient, it is possible to cancel your contract earlier without consequences.
- KPN Mobile (mobile)
- KPN Internet & TV (internet, TV and landline phone)
- ZIGGO (internet, TV and landline phone)
- Ziggo business (internet, TV and landline phone)
- Vodafone (mobile)
- Hollandsnieuwe (mobile)
- Lebara (mobile)
- Youfone (mobile)
- Online (internet, TV and landline phone)
- Simple (mobile) – uses the Odido network
- Ben (mobile) – uses the Odido network
- Delta Fibre (internet, TV and landline phone) – uses the Odido network