07/13/2026 | Press release | Archived content
The Netherlands Authority for Consumers and Markets (ACM) is conducting an investigation into the measures that Odido has taken to protect its customers' personal data. This investigation was prompted by the data breach at Odido, which affected the data of millions of customers.
In the investigation, ACM collaborates with the Dutch Authority for Digital Infrastructure (RDI) and the Dutch Data Protection Authority (AP). The RDI is investigating whether the security of Odido's systems met the required standards, and the AP is conducting a parallel investigation into the retention period of customer data.
Central in ACM's investigation is the duty of care that telecom providers have to protect their customers' personal data at an appropriate level, so that third parties do not have access to it. ACM sees to it that telecom providers comply with this duty of care.