What is offline secure storage?

Offline secure storage (OSS) is a data protection method where data is physically disconnected from the internet when not in use. Unlike cloud storage, data stored offline has zero remote attack surface — it cannot be hacked, ransomed or accessed remotely because it is not connected to any network. Firevault provides this through hardware-encrypted vaults that are physically isolated.

How does Firevault protect against ransomware?

Firevault protects against ransomware by physically disconnecting your data from the internet. Ransomware can only encrypt data it can reach over a network. When your data is stored offline in a Firevault, ransomware attacks cannot reach it. Even if your entire network is compromised, your offline vault remains untouched and intact.

How much does Firevault cost?

Firevault Vault starts from £75 per month (inc VAT) for individuals. Business Storage starts from £360 per month (inc VAT). Enterprise Platform pricing is available on request. All plans include hardware encryption, identity verification, and physical disconnection by default.

Who is Firevault designed for?

Firevault is designed for individuals protecting passports, wills and crypto keys; professionals such as solicitors, accountants and consultants protecting client data; SMEs and businesses protecting crown jewel data; and regulated industries including healthcare, financial services and legal sectors requiring offline backup for compliance with GDPR, NIS2, DORA and FCA regulations.

Is Firevault GDPR compliant?

Yes. Firevault is designed to support GDPR compliance by keeping sensitive personal data physically isolated and offline. Physical disconnection ensures data is not exposed to network-based attacks, supports data minimisation principles, and provides an audit trail of access. Firevault is also designed to support NIS2, DORA, FCA and SRA compliance requirements.

What is a physical air gap?

A physical air gap is a security measure where a computer or storage device is completely isolated from the internet and all unsecured networks. Unlike a logical or software air gap, a physical air gap cannot be bridged remotely. Firevault uses a Layer 1 physical air gap — your data is stored on hardware that is physically disconnected from any network when not in active use.

Back to Knowledge Vault

News16 February 20264 min read

Major Telco Breach: 6.2 Million Users Exposed

Dutch telecommunications provider Odido has confirmed a cyberattack that exposed the personal data of 6.2 million customers, including names, addresses, bank account numbers, and identity document details. The breach, detected on the weekend of 7 February 2026, was reported to the Dutch Data Protection Authority.

Mark Fermor

Director & Co-Founder, Firevault

Cinematic night photograph of a lone telecommunications tower with red warning lights against a deep navy sky

What Happened

Dutch telecommunications provider Odido, one of the largest mobile operators in the Netherlands, has confirmed it suffered a cyberattack that compromised the personal data of approximately 6.2 million customers. The company was formed in 2023 through the rebranding of T-Mobile Netherlands and Tele2 Netherlands.

According to a statement published on the company's website, Odido detected the incident on the weekend of 7 February 2026 and launched an investigation with internal and external cybersecurity experts. The breach originated from a customer contact system, which attackers were able to access and use to download customer records.

Odido reported the breach to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and confirmed that the threat actors contacted the company directly to inform them they had stolen millions of records, as reported by BleepingComputer.

What Data Was Exposed

The compromised data varies per customer but may include:

Full name
Address and place of residence
Mobile number
Customer number
Email address
IBAN (bank account number)
Date of birth
Identification data (passport or driver's licence number and validity)

Odido has confirmed that passwords, call records, location data, invoice details, and scans of identification documents were not affected.

Scale and Response

With 6.2 million affected customers, this represents one of the largest telecommunications data breaches in European history. Odido has stated it is emailing all impacted customers, with notifications expected within 48 hours of the announcement.

In response, the company has:

Blocked the unauthorised access immediately upon discovery
Strengthened security controls across affected systems
Increased monitoring for suspicious activity
Engaged external cybersecurity experts for incident response

At the time of reporting, no evidence has been found that the stolen data has been publicly leaked.

Why This Matters

The combination of personal identifiers, banking details, and identity document numbers creates a significant risk profile for affected individuals. This data could be used for identity fraud, targeted phishing campaigns, SIM-swapping attacks, and financial crime.

Telecommunications providers hold vast quantities of personal data by necessity. Every customer interaction, every account detail, and every payment record creates a digital footprint that remains accessible on connected systems. When those systems are breached, as in this case through a customer contact platform, the consequences affect millions.

This incident reinforces a question that organisations across every sector should be asking: does all of this sensitive data need to remain connected and accessible at all times?

The Case for Physically Disconnected Storage

The Odido breach illustrates what happens when sensitive customer data remains perpetually connected. The attackers were able to access and download records precisely because those records were available on a networked system.

Firevault takes a fundamentally different approach to protecting critical data. By physically disconnecting storage from the network when not in use, data is rendered unreachable. No network path means no remote attack vector, regardless of how sophisticated the threat.

How Firevault Products Address This Risk

Vault provides a digital safe deposit box for organisations and individuals who need to protect sensitive documents, identity records, and liability files. Data is stored in physically disconnected, hardware-encrypted environments within UK-based Firevault Bunkers.

Storage offers scalable offline secure storage for businesses requiring protection for larger workloads, archives, and 3-2-1-0 backup strategies. It delivers the same Layer 1 physical air gap protection at enterprise scale.

For telecommunications companies, financial institutions, and any organisation handling millions of customer records, the principle is straightforward: if data does not need to be online, it should not be online. What is offline and disconnected cannot be scanned, stolen, or ransomed.

Learn more about how Firevault protects critical data →

Key Takeaways

6.2 million records were exposed through a customer contact system
Identity document details including passport and driver's licence numbers were compromised alongside banking data
The breach was detected on 7 February 2026 and reported to the Dutch Data Protection Authority
No passwords or call records were affected according to Odido
Physical disconnection eliminates the network path that attackers exploit in breaches like this

Sources: Odido Security Statement, BleepingComputer, Nu.nl

About the author