Wednesday, 11 March 2026 - 10:21
For years, Odido forwarded sensitive data from customers' routers to the American AI company Lifemote without clearly disclosing this in its privacy statement, the Telegraaf reports. According to the newspaper, the telecom company seems to have stopped this practice after the newspaper’s questions about it.
According to the Telegraaf, Odido routers forwarded the names and MAC addresses of all devices on a home network, along with the names of those devices, like “Jan’s iPhone,” or “Apple TV in the living room.” The routers also shared the names and MAC addresses of surrounding Wi-Fi networks and hotspots.
MAC stands for “media access control.” The MAC address is the unique identification number of every device you connect to the internet. The Dutch Data Protection Authority considers MAC addresses to be personal data.
Ethical hacker Spoke Mellema told the Telegraaf that this data is extremely sensitive because it can be used to track where devices, and therefore the people attached to them, are. The data can be used for extremely targeted advertising, for example.
Odido did not inform customers that it was sharing their personal data. Its privacy policy only states that Odido collects the MAC addresses and device data from its modems, not that the company then forwards this data to an artificial intelligence company in the United States.
The Dutch internet service provider would not tell the Telegraaf why it shared customers’ personal data with Lifemote, only referring the newspaper to its privacy statement. The company did say that it has updated the router software and stopped sharing data with Lifemote.
Odido also recently made headlines when hackers broke into its system and stole the personal data of 6.2 million current and former customers, eventually publishing the data when Odido refused to pay a ransom.
The hack revealed that the telecom company keeps customer data much longer than claimed. Odido’s privacy statement says it retains data for up to two years after the end of the contract. But former customers who switched up to 10 years ago received emails informing them that their data had been compromised in the hack.