Dutch Police Investigate Vishing Call as Key Lead in Odido Cyberattack Exposing 6.39 Million Customers

Published:

spot_img

Dutch Police Investigate Vishing Call as Key Lead in Odido Cyberattack Exposing 6.39 Million Customers

The recent cyberattack on Odido, a major Dutch telecom provider, has raised significant concerns following revelations of potential involvement by Dutch nationals. The attack, linked to the notorious ransomware group ShinyHunters, compromised the personal data of approximately 6.39 million customers. As investigations proceed, law enforcement is urging the public to assist in identifying those responsible for what is considered one of the largest data breaches in the Netherlands.

Timeline of the Attack

The cyber incident occurred over February 5 and 6, when attackers utilized voice phishing, or vishing, to deceive Odido’s customer service representatives. Posing as internal IT staff, the attackers gained unauthorized access to sensitive customer data. Although Odido’s security teams detected the breach immediately and revoked access, the attackers had already exfiltrated significant amounts of data, resulting in a large-scale data breach.

Investigative Developments

Under the guidance of the National Public Prosecution Service, the High Tech Crime Team (THTC) of the National Investigation and Intervention Unit has launched a comprehensive investigation into the breach. Authorities have indicated strong evidence suggesting that Dutch criminals may have played a role in the attack. A critical lead involves a phone call made shortly before the breach, during which a Dutch-speaking individual impersonated an Odido IT employee while communicating with customer service representatives. The police are actively working to identify this caller, with the possibility of releasing his voice to the public if necessary.

Investigators believe that individuals within cybercrime circles might possess crucial information regarding the perpetrators and are encouraging anyone with relevant details to reach out to law enforcement.

ShinyHunters Identified as the Threat Actor

Odido has attributed the attack to the cybercriminal group ShinyHunters, which executed a sophisticated social engineering campaign. CEO Søren Abildgaard publicly acknowledged the incident, expressing regret to affected customers and emphasizing the company’s commitment to enhancing its cybersecurity measures. He stated that Odido would continue to invest in security, improve data protection practices, and expand customer support services.

Abildgaard also clarified the company’s decision not to pay the ransom demanded by the attackers. He noted that complying with such demands would reward illegal activities and could potentially encourage further attacks against other organizations in the Netherlands. This decision was made in consultation with authorities, despite the risk that stolen data could eventually be published.

Scope of the Breach

Odido confirmed that approximately 6.39 million active and former customers of Odido and its Ben brand were impacted by the breach, while customers of Simpel were unaffected. The exposed data varied among individuals and included names, addresses, mobile phone numbers, customer numbers, email addresses, IBAN numbers, dates of birth, identification details, nationality, and gender.

The company clarified that certain sensitive information, such as My Odido account passwords, call records, location data, billing information, and scans of identity documents, remained secure and were not compromised. Reports suggesting that customer passwords had been leaked were addressed by Odido, which confirmed that login passwords remained encrypted and were never accessible during the attack. A separate telephone verification field, known as “password_c,” used as a customer challenge code for a limited number of customers, has since been discontinued.

Enhanced Customer Support and Security Measures

In response to the breach, Odido has bolstered its customer support by hiring over 140 additional service agents and implementing new security measures. These include the “Check je Gesprek” verification service, which allows customers to verify the legitimacy of communications claiming to be from Odido. Additionally, customers now have access to the F-Secure digital security service.

Odido has notified all customers identified as affected via email or SMS, and customer service teams are actively assisting users with inquiries related to their specific data exposure.

Meanwhile, Dutch authorities anticipate that investigations into the Odido cyberattack will continue for several months. Police have issued warnings about the increasing prevalence of cyberattacks targeting businesses and institutions, urging organizations to strengthen their cybersecurity defenses and advising citizens to remain vigilant against follow-on fraud and phishing attempts.

For further details on this incident, visit the original reporting source: thecyberexpress.com.

Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.

spot_img

Related articles

Recent articles

Cybersecurity Researchers Uncover “Ghostcommit”: A New Image-Based Attack Manipulating AI to Steal Sensitive Data

Cybersecurity Researchers Uncover "Ghostcommit": A New Image-Based Attack Manipulating AI to Steal Sensitive Data Cybersecurity researchers have identified a sophisticated supply chain attack technique dubbed...

Irvinder Singh Lail Appointed to Strengthen J.S. Held’s Global Capability Leadership

Irvinder Singh Lail Appointed to Strengthen J.S. Held's Global Capability Leadership In a significant move for the global consulting landscape, J.S. Held has appointed Irvinder...

From 17,000 to 1.1 Million Assets: Lumen Technologies Strengthens Exposure Management Through Comprehensive Data Reconciliation

From 17,000 to 1.1 Million Assets: Lumen Technologies Strengthens Exposure Management Through Comprehensive Data Reconciliation In a landscape where cybersecurity threats are increasingly sophisticated, accurate...

Sharjah Chamber Strengthens Economic Ties with Uganda and Jordan Through Strategic Discussions

Sharjah Chamber Strengthens Economic Ties with Uganda and Jordan Through Strategic Discussions The Sharjah Chamber of Commerce and Industry (SCCI) has taken significant steps to...