Data Breaches | 28 March 2026 | 6 min read

Smith and Co Solicitors Ipswich Data Breach

An Ipswich solicitors firm with more than 2,000 clients has been hit by a data breach, with hackers gaining access to potentially sensitive data and persuading one individual to send them money after obtaining her email.

Mark Fermor

Director & Co-Founder, Firevault


What Happened

Smith and Co Solicitors, a well-established law firm based in St Margaret's Green, Ipswich, has confirmed it was the victim of a cyber attack first detected on 19 March 2026. Technicians believe the original breach dates back to 12 March, after clients contacted the business to report suspicious email exchanges between themselves and an unknown third party.

The attackers gained access to the firm's email systems, obtaining client email addresses and potentially any correspondence containing sensitive personal data. In the firm's own words:

"Unfortunately, we have been the victim of a security breach, but it appears that the criminals behind the attack have managed to access email addresses and potentially any email that contains sensitive data. We are notifying you as we are aware your email address may have been obtained and to warn you that there is a possibility that you could receive an email from the criminals."

In one confirmed case, the criminals successfully persuaded a client to transfer money after obtaining her email and impersonating the firm. The amount has not been disclosed.

The attackers have also created fraudulent email addresses designed to impersonate the firm, and the practice has urged all clients to carefully verify the sender address on any communication purporting to come from Smith and Co.

Source: Ipswich Star, reporting by Will King, 28 March 2026.

What Data Was Exposed

The firm has confirmed that email addresses were compromised, along with the potential exposure of any sensitive information contained within those email threads. For a solicitors practice handling conveyancing, family law, wills, and commercial matters, this could include:

  • Financial information shared during property transactions or business dealings
  • Personal identification documents submitted as part of client onboarding
  • Confidential legal correspondence relating to ongoing cases
  • Contact details of over 2,000 registered clients

Who Is Affected

The breach is understood to have directly impacted approximately 25 per cent of the firm's client base. High-priority individuals were contacted first, with a broader communication sent to all remaining clients on Thursday 27 March.

Managing partner Vicky Hosking described the situation as "frightening" but praised her team's response:

"Falling victim to a cyber attack, whether a law firm or an individual, is devastating. We follow best practice protocols, including telephone calls and email to reach all affected clients. We really care about keeping the clients' data and their money safe."
"It feels frightening, because it feels like you can never do enough to help. As a local business, we care about our clients. We really love running a law firm in our local community, and we just want to reassure people."

One client, who chose not to be named for security reasons, said:

"It's terribly concerning to find out from a circular email that my personal details and data have been the subject of a seemingly successful hack. I can't help but wonder how serious the consequences of this could be for a considerable number of people."

The incident has been reported to both the Information Commissioner's Office and Action Fraud.

Why This Matters

This breach is far from an isolated case. The Solicitors Regulation Authority has warned of a significant rise in cyber attacks targeting law firms, with a recent investigation finding that three quarters of the firms it visited had been the target of a cyber attack.

Law firms are particularly attractive targets for cybercriminals because they routinely handle high-value financial transactions and hold large volumes of sensitive personal data. A successful email compromise can lead directly to financial fraud, as demonstrated in this case, where a client was deceived into sending money to the attackers.

The Offline Alternative

The Smith and Co breach highlights a fundamental vulnerability in modern legal practice: sensitive client data stored in internet-connected email systems is only as secure as the weakest link in the chain. Once an attacker gains access to a networked system, every piece of data within reach is exposed.

Physically offline storage, such as Firevault's Layer 1 air gap solution, removes this attack vector entirely. By disconnecting sensitive archives from all network infrastructure, client files, identification documents, and confidential correspondence become physically inaccessible to remote attackers, regardless of how sophisticated the breach.

For solicitors handling conveyancing funds, estate documents, and privileged legal correspondence, the ability to vault completed matter files in a physically disconnected environment would ensure that even a full email system compromise could not expose historical client data.

Legal Chambers by Firevault

Firevault's Legal Chamber Model offers law firms a structured governance framework purpose-built for the way solicitors practices actually operate. Rather than treating all data equally, the chamber model separates firm data into distinct isolation zones with independent access controls and audit trails.

The model is structured around two core areas:

Inner Stewardship Chambers govern the firm's own leadership data, including partnership agreements, financial records, regulatory correspondence, and strategic documents. These chambers are restricted to named partners and compliance officers, ensuring that sensitive firm governance material is never exposed to the wider practice.

Outer Wings handle client matter files, regulatory evidence, and completed case archives. Each wing operates as an independent vault with its own permissions, meaning a breach of one client matter cannot cascade into another. Completed matters can be physically disconnected and archived offline, removing them entirely from any networked attack surface.

This structure directly addresses the vulnerability exposed in the Smith and Co breach. Had the firm's completed client files been vaulted in physically disconnected Outer Wings, the email system compromise would have exposed only active correspondence, not the full historical archive of 2,000 clients' sensitive documents.

The Legal Chamber Model also supports SRA compliance by providing verifiable audit trails for data access, enabling firms to demonstrate precisely who accessed what data and when. For practices that bill for document custody and secure archiving, the model creates a revenue stream from data governance rather than treating it as a pure cost centre.

Built on the VPPP framework (Vault, Policy, Permissions, Purpose), each chamber enforces identity-locked access where every retrieval requires deliberate, authorised action. There is no shared network drive, no open email attachment, and no free cloud tool where sensitive files can leak. The intentional friction of governed access replaces the uncontrolled data sharing that made the Smith and Co breach possible.

Key Takeaways

  • Law firms remain prime targets — the SRA reports that 75 per cent of firms visited had experienced a cyber attack, making the legal sector one of the most targeted industries
  • Email compromise leads directly to financial fraud — attackers used stolen credentials to impersonate the firm and successfully extract money from a client
  • Small firms are not exempt — community practices with just 2,000 clients face the same sophisticated threats as large corporate firms
  • Connected systems mean connected risk — any data accessible via a networked email system is vulnerable once that system is breached
  • The Legal Chamber Model isolates exposure — by separating firm governance from client matters in physically disconnected vaults, a single breach cannot cascade across the entire practice
  • Physical disconnection eliminates remote access — offline, air-gapped storage ensures that archived client files cannot be reached by remote attackers under any circumstances

About the author

Mark Fermor

Director & Co-Founder

The driving force behind Firevault's market presence, combining commercial vision with deep tech insight.
