Financial services company Latitude has revealed that over fourteen million of its customer’s personal data have been stolen during a cyber security attack a fortnight ago, making it one of the biggest reported data breaches in Australia’s history.
This Monday, the company corrected its previous announcement to over 7.9 million driver’s licence numbers, 53,000 passport numbers and 6.1 million records dating back to 2005.
According to ABC News, Latitude CEO Ahmed Fahour reassured customers that the financial company is doing everything they can following the cyber attack.
“We are rectifying platforms impacted in the attack and have implemented additional security monitoring as we return to operations in the coming days,” he said.
“We apologise unreservedly.”
Check out: 6 common pitfalls cyber security professionals face
In a ministerial statement released this week, Minister for Cyber Security Claire O’Neil states that the recent cyber incident is deeply concerning.
“The Government shares the frustration and concern experienced by many citizens who fear their data may now have been stolen on multiple occasions,” she said.
“It remains our position that no customer should bear the cost of a data breach and we are working with Latitude Financial to ensure that the customers affected by this attack are protected from immediate and future risks.”
Minister O’Neil reveals that the government has convened the National Coordination Mechanism (NCM), a mechanism designed to bring together relevant public and private sector representatives to work together against crises, to ensure that all possible support is provided to Latitude Financial as well as affected customers.
“Cyber attacks are a growing threat and will become a more routine part of our lives for years to come, and this incident is another reminder of the importance of improving Australia’s cyber security and privacy settings to minimise impacts of these threats,” Minister O’Neil said.
“That is why the Albanese Government is progressing longer-term options to help protect Australians from future incidents.”
Last month, Minister O’Neil along with the Prime Minister announced the establishment of a Coordinator for Cyber Security to ensure a centrally coordinated approach to deliver the government’s cyber security responsibilities.
Aside from this, the government is also developing a new Cyber Security Strategy that will build whole-of-nation cyber resilience and implement tougher penalties for repeated or serious data breaches.
Government is also working with States and Territories to mitigate the impacts of licences being compromised in cyber attacks.
Check out: Top three cyber security threats for 2023
On 16 March, the company announced that around 330,000 of their customer’s personal data was stolen after a sophisticated and malicious cyber attack.
ABC News states that because the attack appeared to have originated from a major vendor used by Latitude, the cyber criminals were able to obtain employee login credentials and steal personal information held by other service providers.
The Australian Financial Review states that the cyber attack on Latitude Financial eclipses the data breach on Medibank in October last year. However, both data breaches are dwarfed by the 2019 data breach on Canva, where 140 million customers had their data stolen.
The company is currently undertaking a comprehensive customer care program to support affected individuals.
“We recognise that today’s announcement will be a distressing development for many of our customers and we apologise unreservedly,” they said in a statement.
“We are writing to all customers, past customers and applicants whose information was compromised outlining details of the information stolen and our plans for remediation.”
Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.
