You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
accountants daily logo

14m personal records stolen in Latitude hack

Technology

The financial group confirms the cyber criminals made off with driver’s licence numbers and the personal details of million of customers.

By Philip King 11 minute read

More than 14 million personal customer details at financial group Latitude were stolen by cyber criminals in the recent attack including driver’s licences and passport numbers, the company has confirmed.

It said the total included 7.9 million Australian and New Zealand driver’s licence numbers, about 40 per cent of which had been provided in the past decade, as well as 6.1 million records dating back to 2005 that included names, addresses, dates of birth and phone numbers.  

The cyber criminals also got away with 53,000 passport numbers and the monthly financial statements of “less than 100 customers”, it said.

“We recognise that today’s announcement will be a distressing development for many of our customers and we apologise unreservedly,” it said in a statement to the ASX.

 “We are writing to all customers, past customers and applicants whose information was compromised outlining details of the information stolen and our plans for remediation.

 “We will reimburse our customers who choose to replace their stolen ID document.”

==
==

The number of personal details involved in the Latitude attack now exceeds the 9.7 million customers compromised during Medibank cyber breach last October and a similar number in the Optus hack last September.

Cybersecurity expert Professor Nigel Phair of Monash University said customers of the group needed to be on high alert.

“Customers of Latitude Financial need to be extra vigilant and keep an eye on all accounts for any suspicious emails, text messages or transactions,” he said. “All online consumers need to be aware to guard their personal identities while operating in the online environment. This is getting harder as more and more organisations suffer data breaches, which open individuals up to greater vulnerabilities surrounding phishing and identity theft.”

Latitude said “to the best of our knowledge” there had been no suspicious activity on its systems since 16 March, shortly after it detected the data breach, when it originally reported that just 330,000 documents had been stolen. The company had taken many of its systems offline after the attack.

Latitude chief executive Ahmed Fahour urged customers to exercise caution and said the company would investigate how the breach occurred.

“We urge all our customers to be vigilant and on the look-out for suspicious behaviour relating to their accounts,” he said. “We will never contact customers requesting their passwords.

“We continue to work around the clock to safely restore our operations. We are rectifying platforms impacted in the attack and have implemented additional security monitoring as we return to operations in the coming days.”

The company had set up dedicated contact centres for affected customers.

 

 

Philip King

Philip King

AUTHOR

Philip King is editor of Accountants Daily and SMSF Adviser, the leading sources of news, insight, and educational content for professionals in the accounting and SMSF sectors.

Philip joined the titles in March 2022 and brings extensive experience from a variety of roles at The Australian national broadsheet daily, most recently as motoring editor. His background also takes in spells on diverse consumer and trade magazines.

You can email Philip on: This email address is being protected from spambots. You need JavaScript enabled to view it.

You are not authorised to post comments.

Comments will undergo moderation before they get published.

accountants daily logo Newsletter

Receive breaking news directly to your inbox each day.

SUBSCRIBE NOW