Australian lending firm Latitude Financial says data of 14 million customers stolen in cyberattack

Must read

Consumer finance provider Latitude Financial has said that cyber-criminals have leaked the personal data of around 14 million customers, in what is being described as the biggest data breach reported in Australia.

The non-banking lending firm first reported the cyber hack on March 6, saying that 330,000 customers’ information was stolen. On Monday, it acknowledged that the cyberattack was far worse than originally thought, and updated the figure to 14 million.

The stolen information consists of driver’s license numbers of customers from Australia and New Zealand, The Sydney Morning Herald newspaper reported.

In an announcement, the firm added that victims include current and former customers dating back more than 10 years, as well as applicants for its consumer credit services.

“It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologise unreservedly,” Latitude chief executive Ahmed Fahour said in a release to the Australian Securities Exchange.

“We are committed to working closely with impacted customers and applicants to minimise the risk and disruption to them, including reimbursing the cost if they choose to replace their ID document. We are also committed to a full review of what has occurred,” Fahour added. He is due to retire on Friday.

Latitude Financial was founded in 2015 after GE Capital sold its Australian and New Zealand business to a consortium led by Deutsche Bank, KKR and Varde Partners.

Cybersecurity Minister Clare O’Neil on Monday expressed concern about the scale of information theft, and ordered the National Coordination Mechanism (NCM) to support government agencies in relation to the attack.

“The government shares the frustration and concern experienced by many citizens who fear their data may now have been stolen on multiple occasions,” she was quoted as saying by the newspaper.

The firm said that it has not detected any cyberattack on its systems since March 16. It added that it is working with the Australian Cyber Security Centre and the incident is being investigated by the Australian Federal Police.

(With inputs from agencies)

Source link

More articles

- Advertisement -


- Advertisement -

Latest article