Dutch police have warned they could publicly release a suspect’s voice recording as they continue investigating the Odido data breach, which exposed the personal information of more than 6.2 million current and former customers.

Investigators believe the caller played a key role in the attack by impersonating an Odido IT employee. The social engineering call allegedly helped attackers gain access to the telecom provider’s internal systems before customer data was stolen and later leaked online.

Police Urge Suspect to Come Forward

The Dutch National Operations Unit announced on July 9 that investigators have strong indications the people behind the attack include Dutch nationals.

The High Tech Crime Team is now urging the suspected caller to identify himself voluntarily.

If he refuses, police say they are prepared to publish a recording of his voice to help identify him.

Stan Duijf, head of operations at the National Operations Unit, said cybercrime investigations often take time. However, he noted that cybercriminals leave digital traces that can eventually lead investigators to them.

Authorities are also asking anyone with knowledge of the attack to contact police. Investigators believe the perpetrators may have discussed the operation within cybercrime communities or private online channels.

Servers Taken Offline During Investigation

The investigation has already produced several results.

Dutch authorities said they seized multiple servers allegedly used to distribute the stolen customer data after the Odido data breach.

Police have not announced any arrests. However, officials say the investigation is progressing and will continue for several more months as they work to identify everyone involved.

Social Engineering Opened the Door

Odido disclosed the breach in February after attackers compromised the company’s Salesforce-based customer relationship management (CRM) platform.

The Odido data breach exposed personal information belonging to more than 6.2 million customers and former customers.

The stolen records included names, home addresses, telephone numbers, dates of birth, bank account details, customer identification numbers, and government-issued identity document numbers.

Early reports suggested the attackers relied on voice phishing rather than technical vulnerabilities.

Investigators believe the suspect impersonated an IT employee and convinced staff members to approve fraudulent multi-factor authentication requests. Once access was granted, the attackers used automated tools to extract customer records from the CRM system.

The latest findings from Dutch police support that theory, identifying the phone call as a critical part of the intrusion.

ShinyHunters Claimed Responsibility

After stealing the customer database, the cybercrime group ShinyHunters claimed responsibility for the attack.

The group allegedly attempted to extort Odido before publishing the stolen information online.

The Odido data breach has also triggered legal action. In April, Consumers United in Court (CUIC) filed a class-action lawsuit against the telecom provider over the incident.

Authorities have also warned customers about follow-up scams linked to the breach. Fraudsters have reportedly contacted affected individuals and offered compensation claims in exchange for an upfront fee of €50.

As the investigation continues, Dutch police hope new evidence and public cooperation will help identify every person involved in one of the country’s largest telecom data breaches.


0 responses to “Dutch Police May Release Suspect’s Voice in Odido Data Breach Investigation”