Odido Telecom Says Customer Data Compromised in Cyberattack

Dutch telecommunications group Odido said it was hit with a cyberattack that compromised customer data, though services have remained operational.

The mobile network, owned by buyout firms Apax Partners and Warburg Pincus, said Thursday in a statement that it contained the incident as quickly as possible, and that it reported the compromise to the Authority for Personal Data. Passwords, call records and invoice data weren’t among the stolen information, according to the announcement.

Odido will alert affected customers within 48 hours, “due to the volume” of people impacted, according to the statement. Odido didn’t specify how many of its customers’ information was involved in the breach.

The telecommunications group recently postponed plans for an initial public offering in Amsterdam after a muted response from investors and corners over market volatility, Reuters reported. It serves roughly 8 million customers, according to Apax Partners.

Mobile data represents a valuable target for cybercrime groups and nation-state spies because of the deeply personal information stored within telecommunications firms. Text message and call metadata, location information and customer billing data each contain details that would help attackers learn more about an individual’s life or finances.

The European Commission on Feb. 5 said that a cyberattack may have accessed its central mobile infrastructure. That breach may have resulted in hackers’ gaining access to some staff names and mobile numbers, according to the statement.

“As Europe faces daily cyber and hybrid attacks on essential services and democratic institutions, the Commission is committed to further strengthen the EU’s cybersecurity resilience and capabilities,” the European Commission said in a statement on Feb. 5.

There has been no public indication that the Odido and Europen Commission incidents were connected.