{"id":17240,"date":"2026-03-02T10:24:26","date_gmt":"2026-03-02T09:24:26","guid":{"rendered":"https:\/\/i4-you.com\/what-the-data-breach-at-odido-teaches-us-about-governance-and-compliance\/"},"modified":"2026-03-11T14:46:03","modified_gmt":"2026-03-11T13:46:03","slug":"what-the-data-breach-at-odido-teaches-us-about-governance-and-compliance","status":"publish","type":"post","link":"https:\/\/i4-you.com\/en\/what-the-data-breach-at-odido-teaches-us-about-governance-and-compliance\/","title":{"rendered":"What the data breach at Odido teaches us about governance and compliance"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"17240\" class=\"elementor elementor-17240 elementor-17234\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4436d4a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4436d4a\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-627119e\" data-id=\"627119e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-2fcf846 elementor-reverse-mobile elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"2fcf846\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-0edfe27\" data-id=\"0edfe27\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8405413 elementor-widget elementor-widget-image\" data-id=\"8405413\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"1875\" height=\"1250\" src=\"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg\" class=\"attachment-full size-full wp-image-17241\" alt=\"Data breach Odido\" srcset=\"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg 1875w, https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido-300x200.jpg 300w, https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido-1024x683.jpg 1024w, https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido-768x512.jpg 768w, https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido-1536x1024.jpg 1536w\" sizes=\"(max-width: 1875px) 100vw, 1875px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-6d9bf7e elementor-reverse-mobile elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6d9bf7e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-4bea12a\" data-id=\"4bea12a\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c039373 elementor-widget elementor-widget-heading\" data-id=\"c039373\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<p class=\"elementor-heading-title elementor-size-default\">Written by:<\/p>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4df29f5 elementor-widget elementor-widget-heading\" data-id=\"4df29f5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<p class=\"elementor-heading-title elementor-size-default\">Willemijn Noordermeer, March 2, 2026<\/p>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc9efca elementor-icon-list--layout-inline elementor-align-center elementor-tablet-align-center elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"dc9efca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items elementor-inline-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/i4-you.com\/blog\/\">\n\n\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-chevron-circle-right\" viewBox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8c137 0 248 111 248 248S393 504 256 504 8 393 8 256 119 8 256 8zm113.9 231L234.4 103.5c-9.4-9.4-24.6-9.4-33.9 0l-17 17c-9.4 9.4-9.4 24.6 0 33.9L285.1 256 183.5 357.6c-9.4 9.4-9.4 24.6 0 33.9l17 17c9.4 9.4 24.6 9.4 33.9 0L369.9 273c9.4-9.4 9.4-24.6 0-34z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Back to overview<\/span>\n\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-1a90865 elementor-reverse-mobile elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1a90865\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;sticky&quot;:&quot;top&quot;,&quot;sticky_on&quot;:[&quot;desktop&quot;],&quot;sticky_offset&quot;:40,&quot;sticky_effects_offset&quot;:0,&quot;sticky_anchor_link_offset&quot;:0}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-402184c\" data-id=\"402184c\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-b2d675e elementor-widget elementor-widget-elementskit-blog-posts\" data-id=\"b2d675e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"elementskit-blog-posts.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"ekit-wid-con\" >        <div id=\"post-items--b2d675e\" class=\"row post-items\" data-masonry-config=\"true\">\n                    <div class=\"col-lg-12 col-md-12\">\n\n                                    <div class=\"elementskit-post-image-card\">\n                        <div class=\"elementskit-entry-header\">\n                                                            <a href=\"https:\/\/i4-you.com\/en\/nis2-avg-the-archive-act-what-does-it-mean-for-your-microsoft-365-environment\/\" class=\"elementskit-entry-thumb\">\n                                    <img decoding=\"async\" src=\"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/NIS2-AVG-de-Archiefwet-wat-betekent-het-voor-jouw-Microsoft-365-omgeving-768x512.jpg\" alt=\"NIS2, AVG &amp; the Archive Act: what does it mean for your Microsoft 365 environment?\">\n                                <\/a><!-- .elementskit-entry-thumb END -->\n                                                            \n                            \n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div><!-- .elementskit-entry-header END -->\n\n\t\t\t\t\t\t<div class=\"elementskit-post-body \">\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h2 class=\"entry-title\">\n\t\t\t\t\t<a href=\"https:\/\/i4-you.com\/en\/nis2-avg-the-archive-act-what-does-it-mean-for-your-microsoft-365-environment\/\">\n\t\t\t\t\t\tNIS2, AVG &amp; the Archive Act: what does it mean for your Microsoft 365 environment?\t\t\t\t\t<\/a>\n\t\t\t\t<\/h2>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t                                                            <div class=\"btn-wraper\">\n                                    \n                                                                            <a class=\"elementskit-btn whitespace--normal\" id=\"\" href=\"https:\/\/i4-you.com\/en\/nis2-avg-the-archive-act-what-does-it-mean-for-your-microsoft-365-environment\/\">\n                                        \t                                            Read Fresh blog                                        <\/a>\n                                                                    <\/div>\n                                                    <\/div><!-- .elementskit-post-body END -->\n                    <\/div>\n                \n            <\/div>\n                    <div class=\"col-lg-12 col-md-12\">\n\n                                    <div class=\"elementskit-post-image-card\">\n                        <div class=\"elementskit-entry-header\">\n                                                            <a href=\"https:\/\/i4-you.com\/en\/how-automatic-workspace-creation-saves-time-and-eliminates-errors\/\" class=\"elementskit-entry-thumb\">\n                                    <img decoding=\"async\" src=\"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Hoe-automatische-workspace-creatie-tijd-bespaart-en-fouten-voorkomt-768x512.jpg\" alt=\"How automatic workspace creation saves time and eliminates errors\">\n                                <\/a><!-- .elementskit-entry-thumb END -->\n                                                            \n                            \n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div><!-- .elementskit-entry-header END -->\n\n\t\t\t\t\t\t<div class=\"elementskit-post-body \">\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h2 class=\"entry-title\">\n\t\t\t\t\t<a href=\"https:\/\/i4-you.com\/en\/how-automatic-workspace-creation-saves-time-and-eliminates-errors\/\">\n\t\t\t\t\t\tHow automatic workspace creation saves time and eliminates errors\t\t\t\t\t<\/a>\n\t\t\t\t<\/h2>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t                                                            <div class=\"btn-wraper\">\n                                    \n                                                                            <a class=\"elementskit-btn whitespace--normal\" id=\"\" href=\"https:\/\/i4-you.com\/en\/how-automatic-workspace-creation-saves-time-and-eliminates-errors\/\">\n                                        \t                                            Read Fresh blog                                        <\/a>\n                                                                    <\/div>\n                                                    <\/div><!-- .elementskit-post-body END -->\n                    <\/div>\n                \n            <\/div>\n                <\/div>\n       <\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-bda1a4a\" data-id=\"bda1a4a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-dc566d6 elementor-widget elementor-widget-heading\" data-id=\"dc566d6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">What the data breach at Odido teaches us about governance and compliance<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c1672b4 elementor-widget elementor-widget-text-editor\" data-id=\"c1672b4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The recent data breach at Odido has had a major impact. For millions of customers and (former) customers it is a drastic event: personal data that you share in confidence suddenly appears to have ended up in the wrong hands. This creates uncertainty, worries about misuse and the feeling of loss of control over your own data. It is also an extremely unpleasant situation for Odido itself, with reputational damage, extra pressure on employees and intensive follow-up with clients and regulators.   <\/p><p>It is important to name that explicitly. These kinds of incidents affect people and organizations deeply. That is precisely why it is valuable to look beyond questions of blame to see what we can learn from this.  <\/p><p>In this blog, we analyze what this incident teaches us about governance and compliance, what fundamental questions it raises about data management and access rights, and what organizations can already do today to structurally reduce their risks.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-07bfdfb elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"07bfdfb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c125dd0 elementor-widget elementor-widget-heading\" data-id=\"c125dd0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What do we know (as far as we know)?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-97702a9 elementor-widget elementor-widget-text-editor\" data-id=\"97702a9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Based on reliable reporting, it appears that:<\/p>\n<ul>\n<li>Attackers captured customer service representatives&#8217; login credentials via phishing.<\/li>\n<li>Then via social engineering an additional security step was bypassed.<\/li>\n<li>Then access was gained to the customer contact system.<\/li>\n<li>From that system automated customer data is stored.<\/li>\n<\/ul>\n<p><br>The data included names, addresses, phone numbers, customer numbers, account numbers, sensitive notes and identity information. Driving licenses, passports and even residence papers of diplomats have also been captured, according to recent reports. About 6.2 million accounts have been mentioned.  <\/p>\n<p>In addition, discussion arose about retention periods. Former customers from five to 10 years ago received notice that their data may have been captured, while the privacy statement states that contract data are retained for a maximum of two years after the end of the contract (with exceptions for legal obligations). The investigation is ongoing, but governance issues obviously raise many questions.  <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-00bb7dc elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"00bb7dc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-045d1df elementor-widget elementor-widget-heading\" data-id=\"045d1df\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Where did it go wrong?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-81b26d0 elementor-widget elementor-widget-text-editor\" data-id=\"81b26d0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>With major data breaches, the initial focus is almost always on the question: how did they get in? But just as important is the question: what were the attackers able to do after they got in? After all, a successful phishing email does not have to produce millions of records in all cases. That only happens if the internal setup allows it.   <\/p><p>When an employee account allows access to a system where full identity data is visible, it&#8217;s not just about security, but about how data is fundamentally organized. Especially when it comes to data such as passport numbers or bank account information. That kind of data should only be accessible to functions that strictly need it, and even then preferably minimized or masked.  <\/p><p>When a system contains not only current data but also historical data many years old, and sensitive identity data is not logically separated from regular customer information, there is a bigger problem than just getting in. The real vulnerability then lies in how data is stored, classified and accessed. An attack can open the door, but the internal design determines how much can then be taken. Governance is thus not just a layer of protection on the outside, but primarily a mechanism to limit the damage on the inside.   <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4588a07 elementor-widget elementor-widget-heading\" data-id=\"4588a07\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Did Odido break any laws in doing so?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-339582e elementor-widget elementor-widget-text-editor\" data-id=\"339582e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>That cannot be definitively determined at this time. Investigations are ongoing and it is up to the regulator to judge whether the AVG has been violated. Odido&#8217;s privacy statement does state that contract data will be retained for up to two years after termination, with exceptions such as tax obligations (up to seven years) or specific credit constructions.  <\/p><p>At the same time, former customers from five to 10 years ago also received notice of possible exposure of their data. This seems to indicate that some data may have been retained longer than the standard period from their own policies. Whether that actually violates the AVG depends on the exact context, outstanding liabilities and the purpose for which the data was still retained.  <\/p><p>A data breach does not automatically mean that laws have been broken. But if governance in practice deviates from what is written on paper, a legal risk does arise. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c7d94a6 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"c7d94a6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-28bad6b elementor-widget elementor-widget-heading\" data-id=\"28bad6b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What are the consequences of a data breach?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-81e9d13 elementor-widget elementor-widget-text-editor\" data-id=\"81e9d13\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>A data breach is rarely just a technical incident. It affects multiple layers of an organization: <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-e62319b elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e62319b\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-a888e6b elementor-hidden-mobile\" data-id=\"a888e6b\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f77e52 elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"4f77e52\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-cancel\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-7ebe9a5\" data-id=\"7ebe9a5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3125a1f elementor-widget elementor-widget-heading\" data-id=\"3125a1f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Reputation damage<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-db17dfb elementor-widget elementor-widget-text-editor\" data-id=\"db17dfb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Trust is fragile. Especially when sensitive data such as bank account numbers or identity information is involved. Customers expect their data to be secure. When that trust wavers, you don&#8217;t just fix it.   <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-e861855 elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e861855\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-51592a0 elementor-hidden-mobile\" data-id=\"51592a0\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-392653e elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"392653e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-cancel\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-8a9c551\" data-id=\"8a9c551\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8222f73 elementor-widget elementor-widget-heading\" data-id=\"8222f73\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Supervision and possible fines<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4fecc74 elementor-widget elementor-widget-text-editor\" data-id=\"4fecc74\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The Personal Data Authority can investigate whether the AVG has been complied with. If it is found that security or data management was inadequate, enforcement action may follow. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-b0ae343 elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b0ae343\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-fcdafd3 elementor-hidden-mobile\" data-id=\"fcdafd3\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f95c4e3 elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"f95c4e3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-cancel\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-52a77fc\" data-id=\"52a77fc\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-67eeb87 elementor-widget elementor-widget-heading\" data-id=\"67eeb87\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Claims and class actions<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d4dad9 elementor-widget elementor-widget-text-editor\" data-id=\"3d4dad9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>When major data breaches occur, we increasingly see parties preparing claims for damages. Liability is legally complex, but the risk of litigation is real. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-ff5798b elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"ff5798b\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-fbda478 elementor-hidden-mobile\" data-id=\"fbda478\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-533d345 elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"533d345\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-cancel\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-8b63981\" data-id=\"8b63981\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8476c15 elementor-widget elementor-widget-heading\" data-id=\"8476c15\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Operational pressure<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b6e2687 elementor-widget elementor-widget-text-editor\" data-id=\"b6e2687\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>A data breach creates enormous pressure on support, IT, legal teams and communications departments. At the same time, internal turmoil often ensues. Employees feel addressed, sometimes even personally responsible.  <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-1b4c9d3 elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1b4c9d3\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-5436613 elementor-hidden-mobile\" data-id=\"5436613\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f3b7c17 elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"f3b7c17\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-cancel\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-6eff862\" data-id=\"6eff862\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e514a12 elementor-widget elementor-widget-heading\" data-id=\"e514a12\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Loss of control<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-87f91c4 elementor-widget elementor-widget-text-editor\" data-id=\"87f91c4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>When cybercriminals threaten to publish stolen data on the dark web, it creates long-term uncertainty. In this case, there is a threat of disclosure if payment is not made. This puts an organization in an extremely difficult position. Even if a ransom is demanded and paid, there is never complete certainty that data will actually be removed or not still be resold or published. Criminals operate outside any legal framework. Paying offers no guarantee.     <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-0307b6a elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"0307b6a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-83b715d elementor-widget elementor-widget-heading\" data-id=\"83b715d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What can you do to prevent a data breach like this?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-05acd70 elementor-widget elementor-widget-text-editor\" data-id=\"05acd70\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>No one is immune to cyber attacks. That&#8217;s the reality. Attackers are getting smarter, phishing emails more convincing and social engineering more sophisticated. Even organizations with comprehensive security measures can become targets.   <\/p><p>But what we often see in major incidents is that the real damage comes not just from getting in, but from what is available afterwards. Many escalations become larger than necessary because basic principles of governance are not structurally in place or technically enforced. Therein lies the difference between an incident and a crisis.  <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-311cdc8 elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"311cdc8\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-895bfd2 elementor-hidden-mobile\" data-id=\"895bfd2\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6505b7e elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"6505b7e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-check\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-6bff7d5\" data-id=\"6bff7d5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-34ec49d elementor-widget elementor-widget-heading\" data-id=\"34ec49d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">1. Data minimization<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9363945 elementor-widget elementor-widget-text-editor\" data-id=\"9363945\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The first step is to take a critical look at what personal data you, as an organization, actually need for your services. Data minimization means not collecting or storing more data than is necessary for the purpose for which it is intended. After all, each additional data set increases the risk in the event of an incident.  <\/p><p><span class=\"TextRun SCXW221417062 BCX8\" lang=\"NL-NL\" xml:lang=\"NL-NL\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW221417062 BCX8\" data-ccp-parastyle=\"No Spacing\">The more sensitive data you process and store by default, the greater the potential impact when something goes wrong. By critically determining which data is really necessary for your services and which is not, you structurally limit your risk profile. <\/span><\/span><span class=\"EOP SCXW221417062 BCX8\" data-ccp-props=\"{\"335559739\":0}\"> <\/span><\/p><p><span class=\"TextRun SCXW104909329 BCX8\" lang=\"NL-NL\" xml:lang=\"NL-NL\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW104909329 BCX8\" data-ccp-parastyle=\"No Spacing\">Advice: Map out which personal data you process, test the purpose and necessity of each piece of data and remove or anonymize what is not strictly necessary. What you do not collect or store cannot be leaked. <\/span><\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-966e157 elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"966e157\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-b4a03bc elementor-hidden-mobile\" data-id=\"b4a03bc\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7d77d93 elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"7d77d93\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-check\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-f597399\" data-id=\"f597399\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7c66a5f elementor-widget elementor-widget-heading\" data-id=\"7c66a5f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">2. Retention periods and lifecycle management  <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-00ca38f elementor-widget elementor-widget-text-editor\" data-id=\"00ca38f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">At least as important as restricting access is looking critically at how long data is kept. Under the AVG, the principle of storage limitation applies: personal data may not be kept longer than necessary for the purpose for which it was collected. Data that no longer serves a functional or legal purpose is especially at risk.  <\/span><span data-ccp-props=\"{\"335559739\":0}\"> <\/span><\/p><p><span data-contrast=\"auto\">In practice, we often see that data remains &#8220;just in case,&#8221; or because systems are not properly set up to automatically clean up. This is precisely where vulnerability arises. The longer historical data remains available, the greater the potential impact when someone gains access to a system.  <\/span><span data-ccp-props=\"{\"335559739\":0}\"> <\/span><\/p><p><span data-contrast=\"auto\">Advice: Make sure retention periods are not just in policy or a privacy statement, but technically enforced. Work with automated retention policies, perform periodic checks on old data sets and set up clear lifecycle processes. What is deleted or anonymized in a timely manner also cannot be captured.  <\/span><span data-ccp-props=\"{\"335559739\":0}\"> <\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-bdb5a9a elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"bdb5a9a\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-e93afbb elementor-hidden-mobile\" data-id=\"e93afbb\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d432c2a elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"d432c2a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-check\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-70e9f11\" data-id=\"70e9f11\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bb2fafc elementor-widget elementor-widget-heading\" data-id=\"bb2fafc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">3. Role-based access and periodic rights review<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f3379dd elementor-widget elementor-widget-text-editor\" data-id=\"f3379dd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Even if you have critically determined what data you are processing, the question remains: who is allowed to access it next? Access to personal data should always be based on function and necessity. The more broadly access rights are set up, the greater the impact when an account is misused.  <\/p><p>In many daily customer contacts, for example, name, customer number and contract information are sufficient to handle a query or make a change. Full passport numbers or complete IBANs are rarely necessary in most operational processes. That means these data do not need to be visible or accessible by default to all employees within a department.  <\/p><p>Recommendation: Set up access rights based on function and need, and evaluate them regularly. Ensure that employees have access only to the information they need to perform their jobs. When an account is misused, the impact should be limited to a defined portion of the data, not the entire customer base.  <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-a631221 elementor-hidden-tablet elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a631221\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-838602b elementor-hidden-mobile\" data-id=\"838602b\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e42e0e0 elementor-view-stacked elementor-shape-circle elementor-widget elementor-widget-icon\" data-id=\"e42e0e0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon\">\n\t\t\t<i aria-hidden=\"true\" class=\"icon icon-check\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-c82fa0d\" data-id=\"c82fa0d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d42c1d6 elementor-widget elementor-widget-heading\" data-id=\"d42c1d6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">4. Do not underestimate the human factor<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-08df59f elementor-widget elementor-widget-text-editor\" data-id=\"08df59f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>No matter how well designed systems are, ultimately people work with them. And social engineering in particular focuses on that human side. Attackers play on trust, urgency and authority. This means that even well-trained employees can make a mistake under pressure. This is not an individual failure, but a reality that you must take into account as an organization.    <\/p><p>Awareness is therefore not an afterthought, but a structural part of governance. Employees must understand why certain security measures exist, the risks involved and their role in them. Certainly positions with access to sensitive systems deserve extra attention.  <\/p><p>Advice: Invest in training and awareness programs, conduct phishing simulations, for example, and provide clear and accessible reporting procedures. Make security negotiable, without a blame culture. When employees feel both aware and supported, you reduce the chances of an attack succeeding and increase the chances of an incident being recognized and mitigated quickly.  <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-d0250d3 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"d0250d3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-07e3450 elementor-widget elementor-widget-heading\" data-id=\"07e3450\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Is your organization at risk of a data breach?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-00948a0 elementor-widget elementor-widget-text-editor\" data-id=\"00948a0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Many organizations assume that governance and compliance are in place. Policies are in place, security measures are in place, and work is being done in accordance with the AVG. It may be true on paper, but in practice it must also be demonstrably working. Are retention periods actually technically enforced? Are access rights really based on necessity? Is sensitive information logically separated and with limited visibility? It is precisely on these points that risks often arise unnoticed.      <\/p><p>A data breach rarely occurs because of one big mistake. Usually it is a sum of small vulnerabilities in access, retention periods and setup. Want to know if your organization is at risk? With a Governance &amp; Compliance Scan we clearly map out where you stand, where possible risks are and what concrete steps you can take to limit the impact of an incident.   <\/p><p>Schedule a scan and get a grip before an incident forces you to react after the fact!<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c28175f elementor-align-left elementor-widget__width-auto elementor-widget elementor-widget-button\" data-id=\"c28175f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm elementor-animation-grow\" href=\"https:\/\/i4-you.com\/en\/copilot-governance-scan\/\" target=\"_blank\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t<span class=\"elementor-button-icon\">\n\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-far-calendar-check\" viewBox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M400 64h-48V12c0-6.627-5.373-12-12-12h-40c-6.627 0-12 5.373-12 12v52H160V12c0-6.627-5.373-12-12-12h-40c-6.627 0-12 5.373-12 12v52H48C21.49 64 0 85.49 0 112v352c0 26.51 21.49 48 48 48h352c26.51 0 48-21.49 48-48V112c0-26.51-21.49-48-48-48zm-6 400H54a6 6 0 0 1-6-6V160h352v298a6 6 0 0 1-6 6zm-52.849-200.65L198.842 404.519c-4.705 4.667-12.303 4.637-16.971-.068l-75.091-75.699c-4.667-4.705-4.637-12.303.068-16.971l22.719-22.536c4.705-4.667 12.303-4.637 16.97.069l44.104 44.461 111.072-110.181c4.705-4.667 12.303-4.637 16.971.068l22.536 22.718c4.667 4.705 4.636 12.303-.069 16.97z\"><\/path><\/svg>\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Schedule the Governance &amp; Compliance Scan<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Written by: Willemijn Noordermeer, March 2, 2026 Back to overview Wat het datalek bij Odido ons leert over governance en compliance Read Fresh blog Hoe zorg je dat compliance automatisch wordt geborgd (in plaats van achteraf)? Read Fresh blog What the data breach at Odido teaches us about governance and compliance The recent data breach [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17241,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"elementor_header_footer","format":"standard","meta":{"content-type":"","_improvement_type_select":"improve_an_existing","_thumb_yes_seoaic":false,"_frame_yes_seoaic":false,"seoaic_generate_description":"","seoaic_improve_instructions_prompt":"","seoaic_rollback_content_improvement":"","seoaic_idea_thumbnail_generator":"","thumbnail_generated":false,"thumbnail_generate_prompt":"","seoaic_article_description":"","seoaic_article_subtitles":[],"footnotes":""},"categories":[127],"tags":[129],"class_list":["post-17240","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-management","tag-information-management"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What the data breach at Odido teaches us about governance and compliance<\/title>\n<meta name=\"description\" content=\"In this blog, we analyze what the data breach at Odido teaches us about governance and compliance and how to prevent it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/i4-you.com\/datalek-odido\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What the data breach at Odido teaches us about governance and compliance\" \/>\n<meta property=\"og:description\" content=\"In this blog, we analyze what the data breach at Odido teaches us about governance and compliance and how to prevent it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/i4-you.com\/datalek-odido\/\" \/>\n<meta property=\"og:site_name\" content=\"I4-YOU\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-02T09:24:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-11T13:46:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1875\" \/>\n\t<meta property=\"og:image:height\" content=\"1250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/#\\\/schema\\\/person\\\/63939990e7e7c5e3714e7d1ae55eab19\"},\"headline\":\"What the data breach at Odido teaches us about governance and compliance\",\"datePublished\":\"2026-03-02T09:24:26+00:00\",\"dateModified\":\"2026-03-11T13:46:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/\"},\"wordCount\":1856,\"image\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i4-you.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Datalek-Odido.jpg\",\"keywords\":[\"Information Management\"],\"articleSection\":[\"Information Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/\",\"url\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/\",\"name\":\"What the data breach at Odido teaches us about governance and compliance\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i4-you.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Datalek-Odido.jpg\",\"datePublished\":\"2026-03-02T09:24:26+00:00\",\"dateModified\":\"2026-03-11T13:46:03+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/#\\\/schema\\\/person\\\/63939990e7e7c5e3714e7d1ae55eab19\"},\"description\":\"In this blog, we analyze what the data breach at Odido teaches us about governance and compliance and how to prevent it.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i4-you.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Datalek-Odido.jpg\",\"contentUrl\":\"https:\\\/\\\/i4-you.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Datalek-Odido.jpg\",\"width\":1875,\"height\":1250,\"caption\":\"Data breach Odido\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/datalek-odido\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/i4-you.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What the data breach at Odido teaches us about governance and compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/#website\",\"url\":\"https:\\\/\\\/i4-you.com\\\/\",\"name\":\"I4-YOU\",\"description\":\"Microsoft 365 Experts\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/i4-you.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/i4-you.com\\\/#\\\/schema\\\/person\\\/63939990e7e7c5e3714e7d1ae55eab19\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b6086bfbc5dc41ec736eb511e1db8d3d0c1bc36a3755b762a91a570468e8cc51?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b6086bfbc5dc41ec736eb511e1db8d3d0c1bc36a3755b762a91a570468e8cc51?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b6086bfbc5dc41ec736eb511e1db8d3d0c1bc36a3755b762a91a570468e8cc51?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/i4-you.com\"],\"url\":\"https:\\\/\\\/i4-you.com\\\/en\\\/author\\\/iris\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What the data breach at Odido teaches us about governance and compliance","description":"In this blog, we analyze what the data breach at Odido teaches us about governance and compliance and how to prevent it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/i4-you.com\/datalek-odido\/","og_locale":"en_US","og_type":"article","og_title":"What the data breach at Odido teaches us about governance and compliance","og_description":"In this blog, we analyze what the data breach at Odido teaches us about governance and compliance and how to prevent it.","og_url":"https:\/\/i4-you.com\/datalek-odido\/","og_site_name":"I4-YOU","article_published_time":"2026-03-02T09:24:26+00:00","article_modified_time":"2026-03-11T13:46:03+00:00","og_image":[{"width":1875,"height":1250,"url":"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/i4-you.com\/datalek-odido\/#article","isPartOf":{"@id":"https:\/\/i4-you.com\/datalek-odido\/"},"author":{"name":"admin","@id":"https:\/\/i4-you.com\/#\/schema\/person\/63939990e7e7c5e3714e7d1ae55eab19"},"headline":"What the data breach at Odido teaches us about governance and compliance","datePublished":"2026-03-02T09:24:26+00:00","dateModified":"2026-03-11T13:46:03+00:00","mainEntityOfPage":{"@id":"https:\/\/i4-you.com\/datalek-odido\/"},"wordCount":1856,"image":{"@id":"https:\/\/i4-you.com\/datalek-odido\/#primaryimage"},"thumbnailUrl":"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg","keywords":["Information Management"],"articleSection":["Information Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/i4-you.com\/datalek-odido\/","url":"https:\/\/i4-you.com\/datalek-odido\/","name":"What the data breach at Odido teaches us about governance and compliance","isPartOf":{"@id":"https:\/\/i4-you.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/i4-you.com\/datalek-odido\/#primaryimage"},"image":{"@id":"https:\/\/i4-you.com\/datalek-odido\/#primaryimage"},"thumbnailUrl":"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg","datePublished":"2026-03-02T09:24:26+00:00","dateModified":"2026-03-11T13:46:03+00:00","author":{"@id":"https:\/\/i4-you.com\/#\/schema\/person\/63939990e7e7c5e3714e7d1ae55eab19"},"description":"In this blog, we analyze what the data breach at Odido teaches us about governance and compliance and how to prevent it.","breadcrumb":{"@id":"https:\/\/i4-you.com\/datalek-odido\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/i4-you.com\/datalek-odido\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i4-you.com\/datalek-odido\/#primaryimage","url":"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg","contentUrl":"https:\/\/i4-you.com\/wp-content\/uploads\/2026\/03\/Datalek-Odido.jpg","width":1875,"height":1250,"caption":"Data breach Odido"},{"@type":"BreadcrumbList","@id":"https:\/\/i4-you.com\/datalek-odido\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/i4-you.com\/"},{"@type":"ListItem","position":2,"name":"What the data breach at Odido teaches us about governance and compliance"}]},{"@type":"WebSite","@id":"https:\/\/i4-you.com\/#website","url":"https:\/\/i4-you.com\/","name":"I4-YOU","description":"Microsoft 365 Experts","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/i4-you.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/i4-you.com\/#\/schema\/person\/63939990e7e7c5e3714e7d1ae55eab19","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b6086bfbc5dc41ec736eb511e1db8d3d0c1bc36a3755b762a91a570468e8cc51?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b6086bfbc5dc41ec736eb511e1db8d3d0c1bc36a3755b762a91a570468e8cc51?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b6086bfbc5dc41ec736eb511e1db8d3d0c1bc36a3755b762a91a570468e8cc51?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/i4-you.com"],"url":"https:\/\/i4-you.com\/en\/author\/iris\/"}]}},"_links":{"self":[{"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/posts\/17240","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/comments?post=17240"}],"version-history":[{"count":12,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/posts\/17240\/revisions"}],"predecessor-version":[{"id":17268,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/posts\/17240\/revisions\/17268"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/media\/17241"}],"wp:attachment":[{"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/media?parent=17240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/categories?post=17240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/i4-you.com\/en\/wp-json\/wp\/v2\/tags?post=17240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}