Data of more than 300,000 Latitude Financial users stolen in cyber attack

Investing

Latitude Financial says it’s been hit by a ‘sophisticated and malicious’ cyber-attack.

The company, which provides loans to businesses and individuals, says approximately 225,000 customers records were stolen and more than 103,000 identification documents. A huge 97 per cent of those ID documents were copies of drivers’licences.

In a statement to the Australian Securities Exchange (ASX), Latitude Financial said the attackers were able to obtain Latitude employee credentials before the incident was isolated. It’s believed to have originated from a major vendor used by Latitude.

“The attacker appears to have used the employee login credentials to steal personal information that was held by two other service providers,” the statement read.

In the statement, Latitude said it apologises to impacted customers and is taking steps to contact them.

“Latitude is continuing to respond to this attack and is doing everything its power to contain the incident and prevent the theft of further customer data, including isolating and removing access to some customer-facing and internal systems.”

The company said it was working with the Australian Cyber Security Centre and has alerted relevant law enforcement agencies.

Look back on the week that was with hand-picked articles from Australia and around the world. Sign up to the Forbes Australia newsletter here or become a member here.

More from Forbes Australia