Latitude Financial, a leading consumer credit lender in Australia, was hit by a major cyber attack several weeks ago that resulted in a large-scale information theft. Initially, the attack was reported to have impacted 330,000 customers and applicants, but the company has now revealed that the number of affected individuals is 42 times bigger than initially reported.
Scope of the Attack Widens
The cyberattack on Latitude Financial in March turned out to be much bigger than initially reported, with the company now saying that it is one of the largest data breaches in Australian history.
In a statement released on Monday, the lender confirmed that 7.9 million driver licence numbers of its customers and applicants in Australia and New Zealand were stolen, along with an additional 53,000 passport numbers.
This breach far surpasses the previously reported 330,000 identification documents stolen in the attack, with the number of compromised records totalling 6.1 million, including customer names, addresses, and telephone numbers.
Latitude’s CEO expressed disappointment with the severity of the breach, stating that the lender would restore their systems and return to normal operations in “coming days”.
Response to the Attack
Latitude Financial has engaged external cyber security experts, the Australian Cyber Security Centre, and other relevant government agencies to investigate the attack. The cyber attack is also now the subject of an Australian Federal Police investigation.
Latitude has promised to cover the cost of new identification documents for affected customers, after their personal information was accessed by cybercriminals. The attackers may have entered the Latitude system through the network of a US-based outsourcer, DXC Technology.
Cybersecurity: A never-ending battle
The recent cyberattack highlights the importance of prioritising cybersecurity to ensure the safety of sensitive user data. A reactive approach is no longer enough in the face of constantly evolving hacking techniques. To stay ahead of the game, organisations should adopt a proactive approach by investing in employee education, frequent security audits, and cutting-edge security solutions.