Latitude finance

2023 - 3 - 27

Post cover
Image courtesy of "The Guardian"

Latitude Financial cyber-attack worse than first thought with 14m ... (The Guardian)

Latitude Financial has revealed that 14m customer records – including driver's licence numbers, passport numbers and financial statements – were stolen from its ...

Consumer lenders typically use a lot of identification documents as part of the credit-checking process for new customers. These records include information such as names, addresses, phone numbers and dates of birth, the company said. Latitude said the size of the breach was a “distressing development” for customers. Latitude first disclosed it was hacked in mid-March and said the breach was thought to only include about 100,000 identification documents and 225,000 customer records. The consumer lender, which offers personal loans and credit to customers shopping at stores including JB Hi-Fi, The Good Guys and Harvey Norman, said in a statement on Monday that some of the documents date back to at least 2005. Latitude Financial has revealed that 14m customer records – including driver’s licence numbers, passport numbers and financial statements – were stolen from its system in a cyber-attack that was far worse than the company initially reported.

Post cover
Image courtesy of "ABC News"

Up to 8 million Latitude Financial customers in Australia and New ... (ABC News)

Latitude Financial confirms that the cyber hack on its systems this month was far worse than originally thought, with around 8 million people's data ...

Why on Earth is it still being retained?" The attack on Latitude is the largest-known data breach on a financial institution in Australia. Latitude Financial is the latest business to be impacted by a data breach in recent months. "We saw with Optus that the government shared the data on the people who were breached with banks and financial institutions to reduce their risk of future fraud. "Latitude is a financial institution; I hope they didn't share it with Latitude, but this demonstrates that keeping the data and sharing it more widely is actually not the solution. "Latitude Financial is cooperating with the government in responding to this incident, and we expect the company to continue to swiftly provide the government with all information it needs," she said in a statement. "If it is true, that the laws are saying that has to be held for so long, then those laws need to be re-looked at because this is a terrible outcome," he said. "It remains our position that no customer should bear the cost of a data breach, and we are working with Latitude Financial to ensure that the customers affected by this attack are protected from immediate and future risks." Cyber security expert at the University of New South Wales, Professor Richard Buckland, said it was "pretty unbelievable" that Latitude Financial kept historical customer data on file that dated back to 2005 when it was still owned by GE Capital. An email sent to customers by Latitude Financial on March 22 and seen by the ABC showed the company informed some customers that additional personal information had been compromised. Latitude said an additional 6.1 million records that were provided to the company dating back to "at least 2005" were also stolen in the cyber attack, with roughly 5.7 million — or 94 per cent — provided prior to 2013. - An additional 6.1 million records provided to Latitude back to "at least 2005" have also been compromised in the data breach

Post cover
Image courtesy of "NEWS.com.au"

Hacking sees 14m customers' details stolen (NEWS.com.au)

The cyberattack of Aussie financial firm Latitude is far worse than the company originally reported with a whopping 14 million customers' details stolen as ...

“We continue to work around the clock to safely restore our operations. We are also committed to a full review of what has occurred. We will never contact customers requesting their passwords. [Optus ](https://www.news.com.au/finance/business/other-industries/10-per-cent-of-optus-customers-leave-after-cyberattack/news-story/431a0661233a698eb3a6d2bb7c68562c)and [Medibank had the details of millions](https://www.news.com.au/finance/business/banking/cba-scammers-trick-hacker-impersonates-tasmanian-man-to-steal-40k-in-savings/news-story/9aba8cd485f3ddfa0247e5f84ac15de1) of customers stolen in two separate sophisticated cyber attacks that descended into ransom demands which were not paid. The company had previously said it was still trying to contain the “malicious” attack but in its latest update to the market it said the to the best of its knowledge no suspicious activity had been observed in its systems since Thursday, 16 March. Latitude first unveiled it had been attacked when it reported it had noticed “unusual activity” on its systems in the last couple of days. We are rectifying platforms impacted in the attack and have implemented additional security monitoring as we return to operations in the coming days.” “We are committed to working closely with impacted customers and applicants to minimise risk and disruption to them, including reimbursing the cost if they choose to replace their ID document. Last week it said Medicare numbers and “copies of passports or passport numbers” were included in the theft of personal information affecting approximately 333,000 customers and applicants. In an announcement to the ASX, the firm said it had identified approximately 7.9 million Australian and New Zealand driver's licence numbers that have been stolen, while a further 6.1 million records dating back to at least 2005 have also been obtained by the hackers. Latitude said it would reimburse customers who choose to replace their stolen ID document and said it maintains insurance policies to covers risks, including cyber security incidents, and as a result it had informed its insurers. The cyberattack of Aussie financial firm Latitude is far worse than the company originally reported with a whopping 14 million customers’ details stolen as a result of the breach.

Post cover
Image courtesy of "The Sydney Morning Herald"

Hacked: Latitude confirms details of 14 million consumers stolen (The Sydney Morning Herald)

Consumer finance provider Latitude Financial has confirmed that details of 14 million consumers, including the drivers licence numbers of 7.9 million ...

The hackers began leaking some stolen data onto the dark web and Medibank lost $2 billion from its market valuation at the height of the crisis. Separately, an additional 6.1 million records, dating back to at least 2005, were stolen, including some but not all of the following: name, address, telephone number and date of birth. The company said about 53,000 passport numbers were also stolen in the attack. Cybersecurity Minister Clare O’Neil on Monday said the scale of the data theft was very concerning. Latitude provides consumer finance services to Harvey Norman, JB Hi-Fi, The Good Guys and Apple, and recently signed up David Jones. We are also committed to a full review of what has occurred,” added Fahour, who retires from his position on Friday.

Post cover
Image courtesy of "The Australian Financial Review"

ASX LFS: Latitude breach now one of the biggest in Australian history (The Australian Financial Review)

The March cyberattack on Latitude Financial was at least 42 times bigger than initially reported, making it one of the largest reported data breaches in ...

Latitude said a further 6.1 million records were stolen in the attack, most of which were more than a decade old. The government shares the frustration and concern experienced by many citizens who fear their data may now have been stolen on multiple occasions,” she said. Connect with John on [[email protected]](mailto:[email protected]) Former NSW deputy privacy commissioner Anna Johnston said the age of many of the documents stolen in the Latitude attack showed that tougher privacy laws were needed in Australia, to force companies to destroy data they no longer need. The size of the data breach now eclipses that of the Medibank Private breach in October, when the insurer failed to secure the personal information belonging to 9.7 million current and former customers. The lender said on Monday it had now established that 7.9 million driver’s licence numbers of Australian and New Zealand customers and applicants had been stolen in the attack, 3.2 million of which were supplied in the past decade.

Post cover
Image courtesy of "iTnews"

Latitude Financial breach passes 14 million records (iTnews)

In an update [pdf] to the Australian Securities Exchange, the consumer credit company said around 3.2 million of those licences were provided in the last 10 ...

When the breach was first discovered, Latitude believed it affected around 225,000 customers. The breach began when staff logins were used to access two third-party services providers. The breach also affected 53,000 passport numbers, and financial statements affecting fewer than 100 customers.

Post cover
Image courtesy of "9News"

Millions of customer records stolen in Latitude Financial data breach (9News)

The company reports that their forensic review is ongoing, but that they have identified 7.9 million Austra...

However, for those customers of Latitude who do need a new driver's licence as a result of this hack, the company has offered to pay for the replacement of their stolen ID document. Customers past and present are likely to wonder just why the company still retained information about customers from 2005. As far as financial information goes, it appears limited to a small group of 100 customers who had a monthly financial statement stolen from the system. Like the driver's licence numbers, a staggering 97 per cent of those records were from before 2013, and date back to 2005. Additionally, a further 6.1 million customer records including some but not all of the customer's names, addresses, phone numbers and dates of birth were stolen in the attack. [Latitude Financial Services](https://www.9news.com.au/finance)has today revealed the larger [extent of their cyberattack two weeks ago](https://www.9news.com.au/national/latitude-financial-cyber-attack-data-stolen/994fc611-09ce-433f-b61f-46f2e1fc72a9)with the number rising from hundreds of thousands to now millions of customer records stolen.

Post cover
Image courtesy of "ABC News"

What's happening with the Latitude Financial cyber attack? Millions ... (ABC News)

The consumer finance company announced on Monday: 7.9 million Australian and New Zealand drivers licence numbers have been stolen; about 53,000 passport numbers ...

What's happening with the Latitude Financial cyber attack? Of this, the company said approximately 5.7 million, or 94 per cent, were provided before 2013. "Latitude Financial is cooperating with the government in responding to this incident, and we expect the company to continue to swiftly provide the government with all information it needs," Minister for Cyber Security "It remains our position that no customer should bear the cost of a data breach, and we are working with Latitude Financial to ensure that the customers affected by this attack are protected from immediate and future risks." It says it will "continue to work with the Australian Cyber Security Centre and our expert cyber security advisers." What is Latitude Financial doing about the security breach?

Explore the last week