Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Australian Finance Company Refuses Hackers’ Ransom Demand

Latitude Financial said it had recently received a ransom threat from the group behind the cyberattack, which it was ignoring in line with government advice.

Australian firm Latitude Financial said Tuesday it refused to pay a ransom to hackers who stole millions of records in one of the country’s biggest data heists.

The consumer lending company, which offers loans and credit cards, said last month that hackers had stolen the personal records of around 14 million Australian and New Zealand customers.

Latitude Financial said it had recently received a ransom threat from the group behind the cyber attack, which it was ignoring in line with government advice.

“We will not reward criminal behavior, nor do we believe that paying a ransom will result in the return or destruction of the information that was stolen,” it said in a statement to the Australian Stock Exchange.

Paying the ransom “would only encourage further extortion attempts”, the company added, without detailing the hackers’ demands.

The stolen data includes 7.9 million Australian and New Zealand driving licenses and 53,000 passport numbers.

Another 6.1 million records dating back to at least 2005 with information such as names, addresses, telephone numbers and dates of birth were also stolen.

Home Affairs Minister Clare O’Neil, who has previously described predatory hackers as “scummy criminals”, said giving in to extortion “only fuels the ransomware business model”.

Advertisement. Scroll to continue reading.

“They commit to undertaking actions in return for payment, but so often re-victimize companies and individuals.”

In recent months, hackers have preyed on some of Australia’s biggest companies in a string of separate attacks that have put authorities on high alert.

Russian hackers were blamed for accessing millions of medical records at Medibank, Australia’s largest private health insurer, in an unsuccessful extortion attempt in November last year.

Telecom company Optus fell victim to a similarly massive data breach in September, during which the personal details of up to 9.8 million people were accessed.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Ransomware

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ransomware

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.