Massive Cyber-Attack at Latitude Financial in Australia
On March 16th, Latitude Financial (Australia’s biggest service for the non-bank lender of consumer credit) was hacked by a threat actor. Originally thought to be 330,000 customers affected but now confirmed to be up to 8 million, and investigations point to even more….
“This comes after the large-scale loss of identity information following the Optus and Medibank incidents. The Government shares the frustration and concern experienced by many citisens who fear their data may now have been stolen on multiple occasions,” says Cybersecurity Minister Clare O’Neil.
The data stolen contained 7.9 million Australian and New Zealand driver's licenses, and more than 53, 000 passport numbers. Records of customers were also taken which include names, addresses, phone numbers, dates of birth, and even identity photographs. Some stolen records date back to 2005. Investigations show that 60% of the driver's licenses stolen date back to over 10 years ago, raising questions as to why Latitude kept the unusable data.
Gordon Legal's James Naughton said his firm was "deeply concerned" about the impact of the data breach on Latitude customers. "We are investigating how a breach of this size could occur," he said. "Latitude customers deserve to understand their legal rights and the steps that have been taken to protect their data."
A Cyber security expert at the University of New South Wales, Professor Richard Buckland, also weighed in on the controversy stating "pretty unbelievable" that Latitude Financial kept data on file that dated back to 2005 when it was still owned by ‘GE Capital’.
"Regardless of what the legal requirements are for companies to hold data, it's harmful to the people whose data is being held for so long if it's stolen, because it allows criminals to impersonate them, take out loans in their name, and essentially to do anything you and I can do online," Professor Buckland said. "A criminal can now go online pretending to be you or me. It's dangerous stuff.”
Cybersecurity Minister Clare O’Neil said on Monday, 27th of March, that the massive volume of data stolen during the recent cyber incident is deeply concerning.
“This comes after the large-scale loss of identity information following the Optus and Medibank incidents. The Government shares the frustration and concern experienced by many citisens who fear their data may now have been stolen on multiple occasions,” she said.
Your Security is our Priority
Your friendly Support Team
Speak to us about all your computer needs
This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.