Select Page

Incident: Updated – Latitude Financial hit by cyber attack, more than 300,000 identity documents stolen | ABC News (Australia)

Incident: Updated – Latitude Financial hit by cyber attack, more than 300,000 identity documents stolen | ABC News (Australia)

Australian Financial Cyber Attack, 16 March 2023

Updated: Latitude Financial hit by cyber attack, 14 million customers more than 300,000 identity documents stolen

The company says the personal information was taken from two service providers after hackers gained access to Latitude’s staff login details

Company Statement: Latitude Cyber Response
Source: Latitude Financial hit by cyber attack, more than 300,000 identity documents stolen | ABC News (Australia)

View more incidents from Banking and Finance sector.

Updated Report 16 April

YouTube player

Roughly 14 million customer records stolen from Latitude Financial could be posted to the dark web after the personal finance company refused to pay a ransom request demanded by the group behind last month’s cyber attack.

Latitude Financial is still investigating the breach and has been steadily emailing customers letting them know their personal details have been compromised.

But people who believe they were never a Latitude customer are also receiving emails from the company, saying their personal details have been affected.

Because some of the data that was stolen from Latitude Financial dates back to 2005 — meaning customers of GE Money between 2005 and 2015 have been affected by the breach.

Latitude Financial told the ASX on March 27 that only 40 per cent of the 7.9 million drivers licence numbers that were stolen were from the past decade — meaning 60 per cent, or around 4.7 million, pre-dated 2013.

Initial Report 16 March

YouTube player

Latitude Financial is responding to a cyber-attack that has resulted in the theft of personal information. The theft impacts customers, past customers and applicants across Australia and New Zealand. The company that issues consumer loans and runs a buy now, pay later scheme used by major retailers — has revealed hackers have stolen the personal information of more than 300,000 customers, including drivers licences.

The non-bank lender told the ASX it had detected unusual activity on its systems “over the last few days” that “appears to be a sophisticated and malicious cyber attack”.

    The information stolen includes:

  • 103,000 identity documents — with 97 per cent of those being copies of drivers’ licences from one provider
  • 225,000 customer records from the second service provider.

Latitude provides buy now, pay later (BNPL) schemes to a number of major Australian retailers, including Harvey Norman, JB Hi-Fi, David Jones and The Good Guys.

Latitude has 2.8 million current customers. It could not tell ABC News whether the hack concerned only their data or potentially former customers too.

Cyber Security and Home Affairs minister Clare O’Neil said Latitude was cooperating with the Australian Cyber Security Centre (ACSC) and regulators “to minimise the damage resulting from this incident”.

GE Capital Finance had a partnership with Coles Group to offer branded credit cards for Coles and Myer — a relationship that was formed when Coles Myer sold its credit card business to GE Capital back in 1995.


About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

* indicates required

Share This