What is offline secure storage?

Offline secure storage (OSS) is a data protection method where data is physically disconnected from the internet when not in use. Unlike cloud storage, data stored offline has zero remote attack surface — it cannot be hacked, ransomed or accessed remotely because it is not connected to any network. Firevault provides this through hardware-encrypted vaults that are physically isolated.

How does Firevault protect against ransomware?

Firevault protects against ransomware by physically disconnecting your data from the internet. Ransomware can only encrypt data it can reach over a network. When your data is stored offline in a Firevault, ransomware attacks cannot reach it. Even if your entire network is compromised, your offline vault remains untouched and intact.

How much does Firevault cost?

Firevault Vault starts from £75 per month (inc VAT) for individuals. Business Storage starts from £360 per month (inc VAT). Enterprise Platform pricing is available on request. All plans include hardware encryption, identity verification, and physical disconnection by default.

Who is Firevault designed for?

Firevault is designed for individuals protecting passports, wills and crypto keys; professionals such as solicitors, accountants and consultants protecting client data; SMEs and businesses protecting crown jewel data; and regulated industries including healthcare, financial services and legal sectors requiring offline backup for compliance with GDPR, NIS2, DORA and FCA regulations.

Is Firevault GDPR compliant?

Yes. Firevault is designed to support GDPR compliance by keeping sensitive personal data physically isolated and offline. Physical disconnection ensures data is not exposed to network-based attacks, supports data minimisation principles, and provides an audit trail of access. Firevault is also designed to support NIS2, DORA, FCA and SRA compliance requirements.

What is a physical air gap?

A physical air gap is a security measure where a computer or storage device is completely isolated from the internet and all unsecured networks. Unlike a logical or software air gap, a physical air gap cannot be bridged remotely. Firevault uses a Layer 1 physical air gap — your data is stored on hardware that is physically disconnected from any network when not in active use.

Back to Knowledge Vault

Data Breaches13 February 20262 min read

Major Telco Breach: 6.2 Million Users Exposed

Dutch telecommunications company Odido has confirmed a cyberattack exposing personal data of 6.2 million customers, including names, dates of birth, and contact details from a customer contact system.

Mark Fermor

Director & Co-Founder, Firevault

Cinematic night photograph of a lone telecommunications tower with red warning lights against a deep navy sky

What Happened

Dutch telecommunications company Odido, one of the Netherlands' largest mobile operators, has confirmed suffering a significant cyberattack that compromised personal data belonging to approximately 6.2 million customers. In a notice published on its website, the company said it "deeply regrets" the situation and is "fully committed" to limiting its impact.

What Data Was Exposed

According to Odido's investigation, the breach originated from a customer contact system. The compromised data includes personal information such as names, dates of birth, email addresses, and phone numbers. The company has confirmed that no passwords, call records, or billing information were involved in the incident.

Scale of the Breach

With 6.2 million users affected, this ranks among the larger European telecommunications breaches in recent memory. Odido is one of the major mobile network operators in the Netherlands, making the scale of this breach particularly concerning for Dutch consumers and the broader European data protection landscape.

Why This Matters

Even without passwords or financial data, the exposed information creates serious risks for affected individuals. Names combined with dates of birth, email addresses, and phone numbers provide everything needed for targeted phishing campaigns, identity fraud, and social engineering attacks. Criminals can use this data to craft highly convincing scam messages that reference real personal details.

The Bigger Picture

This breach is a stark reminder that cloud-connected systems remain a persistent target for attackers. Customer contact platforms, CRM tools, and support databases often hold vast quantities of personal data, yet they rarely receive the same security scrutiny as core billing or authentication systems. The result is a growing pattern of breaches where millions of records are exposed through what organisations consider secondary systems.

How Firevault Addresses This Risk

Firevault's Layer 1 physical air gap storage removes sensitive data from internet-connected infrastructure entirely. By storing critical personal records offline in secure, geographically distributed bunkers, organisations eliminate the attack surface that made this breach possible. Data that is not online simply cannot be reached by remote attackers, no matter how sophisticated their methods.

For telecommunications companies and any organisation handling millions of customer records, the question is no longer whether a breach will happen, but when. Physical isolation through air gap technology offers the only architecture where "when" becomes irrelevant.

View original article

About the author