FourthLine Security Incident

  • December 21, 2018

Read the response from our Managing Director following the recent security incident...


As the Managing Director of FourthLine I wanted to write to you in response to the security incident which unfortunately affected our business earlier this week, and keep you updated on the latest developments. 

What happened?  

As you may be aware, on Tuesday 18th December emails were sent out from a FourthLine email address which contained an invoice for £480 and instructions that we would be taking payment via direct debit by the 24th December. Although made to look genuine, this email was not sent by ourselves and I can assure you that you do not owe FourthLine any money and there is no direct debit in place. If you haven’t already, we would advise that you delete this email from your inbox and do not click on any links.  

What was our response following the incident?  

As soon as we became aware of the incident our priority was to locate and contain the breach. We are confident that it was a third party application that was breached, and that our main servers and database remain unaffected. The third party in question began an investigation into how the breach occurred, of which we are currently awaiting the results. Meanwhile we ensured that all other third party platforms used by the business were secure. 

As you can imagine we received a large volume of phone calls following the incident, so I can only apologise if you had difficulty getting through to us at that point. We sent an email communication out to all addresses that we suspected could have been affected as quickly as we could, and began the process of personally responding to email enquiries that came in before an auto response email was set up.  

What we advise you do next? 

If you did click on the link contained within the email, we would advise you carry out the following precautions:  

1. Delete anything you may have downloaded. 

2. Scan your system using an up-to-date anti-virus program from a respected security vendor, such as McAfee Anti-Virus, Norton by Symantec or Microsoft Windows Defender, to remove any viruses or other malware that may have infected your computer. You may want to seek help from a trusted IT consultant or a systems repair firm. 

3. Change your password(s) - particularly those involving financial information - to prevent unauthorised users from logging into your accounts. 

What agencies have we alerted?  

We have reported the incident to the ICO, Action Fraud and the National Cyber Security Centre. If you are concerned about fraud or would like to report the incident you can use the following information:  

Action Fraud 
0300 123 2040  
Crime reference number NFRC181202701078 

What personal data do we believe has been breached?  

We are confident that if data has been lost, it would be restricted to name, email address, job title, company and in a very small number of cases possibly phone number. No other data that FourthLine holds such as CVs or bank details have been breached. As we believe the breach occurred within a third party, we are awaiting the results of their investigation and as such unfortunately we are unable to provide further information at this time. At no point have any of FourthLine’s internal systems been compromised and all personal data stored within them is safe. 

What IT security did we have in place prior to the breach? 

Like most businesses we took the introduction of the GDPR as an opportunity to review our defences. Across our business we ensure that all machines are encrypted with industry standard encryption. Full Disk encryption provides both pre-boot authentication and fast and transparent data security. Strong, FIPS-compliant, 256-bit encryption is deployed on all company equipment. 

Strong password policies are implemented across the organisation and all security products and equipment are recognised as being 5 star by independent body, Gartner.  

What are our next steps? 

Once we are confident that we have contained the breach and investigations have been completed we will be looking to carry out a root cause analysis, and carry out immediate steps to improve our defences where they can be improved. We will update everyone in the New Year with a full report into the findings of the investigation and our risk assessment, to let you know what solutions we have put in place to ensure this type of incident doesn’t happen again, and to provide you with confidence that we take holding your personal data seriously. 

What should you do next if you are still concerned? 

Please be reassured that we are confident that the only personal data that has been breached is as outlined above. No financial information was contained in the data that was held in the 3rd party email application. However, if you would like to contact us please email [email protected] and someone will respond to your enquiry as soon as possible.  A full update will be sent out in the New Year which will include what lessons we have learnt from this experience, and solutions we are putting in place.  

We offer our sincerest apologies for any distress caused and I’d like to assure you that we are doing everything we can to resolve the matter. We expect to be able to update you with the results of the investigation when we have them, likely to be in the New Year. 

Best wishes, 

Kieran Maplesden 

Managing Director, FourthLine 



£ k