Odido provided incorrect information to TU Delft about the cyber attack in February. According to the telecom provider, TU business subscriptions were not affected, but it now appears that data from TU employees has been leaked after all.
Odido announced this on Tuesday 10 March in an email to the affected TU employees. The university also posted a message about this on its intranet that day.
No passwords
According to that message, no passwords or password hashes were leaked. “It is therefore not necessary to change your password,” according to TU Delft. However, the hackers did steal and publish the first names, surnames, email addresses, mobile numbers and dates of birth of the business accounts. The university advises employees to be extra alert to attempts at phishing or other fraudulent activities.
- Update 17 March 2026: On Monday 16 March, TU Delft posted further information about the data breach on its intranet. According to Odido, only TU Delft staff members who have installed the Odido app and logged in using a TU Delft work account and phone number have been affected.
In mid-February, the hacker group Shinyhunters stole the data of more than 6.2 million Odido customers. The hackers demanded a ransom of around 1 million euros to prevent the data from being published. Odido decided not to pay, after which the data was published on the dark web, a difficult-to-find part of the internet.
Comments are closed.