Connect with us

Hi, what are you looking for?



Australian Finance Company Refuses Hackers’ Ransom Demand

Latitude Financial said it had recently received a ransom threat from the group behind the cyberattack, which it was ignoring in line with government advice.

Australian firm Latitude Financial said Tuesday it refused to pay a ransom to hackers who stole millions of records in one of the country’s biggest data heists.

The consumer lending company, which offers loans and credit cards, said last month that hackers had stolen the personal records of around 14 million Australian and New Zealand customers.

Latitude Financial said it had recently received a ransom threat from the group behind the cyber attack, which it was ignoring in line with government advice.

“We will not reward criminal behavior, nor do we believe that paying a ransom will result in the return or destruction of the information that was stolen,” it said in a statement to the Australian Stock Exchange.

Paying the ransom “would only encourage further extortion attempts”, the company added, without detailing the hackers’ demands.

The stolen data includes 7.9 million Australian and New Zealand driving licenses and 53,000 passport numbers.

Another 6.1 million records dating back to at least 2005 with information such as names, addresses, telephone numbers and dates of birth were also stolen.

Advertisement. Scroll to continue reading.

Home Affairs Minister Clare O’Neil, who has previously described predatory hackers as “scummy criminals”, said giving in to extortion “only fuels the ransomware business model”.

“They commit to undertaking actions in return for payment, but so often re-victimize companies and individuals.”

In recent months, hackers have preyed on some of Australia’s biggest companies in a string of separate attacks that have put authorities on high alert.

Russian hackers were blamed for accessing millions of medical records at Medibank, Australia’s largest private health insurer, in an unsuccessful extortion attempt in November last year.

Telecom company Optus fell victim to a similarly massive data breach in September, during which the personal details of up to 9.8 million people were accessed.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.


The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group.