CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Latitude Financial Services Data Breach Impacts 300,000 Customers

Latitude Financial Services says the personal information of 300,000 customers was stolen in a cyberattack.

Australian financial services company Latitude Financial Services is notifying roughly 300,000 customers that their personal information might have been compromised in a data breach.

A subsidiary of Deutsche Bank and KKE operating since 2015 and headquartered in Melbourne, Latitude is the largest non-bank lender of consumer credit in Australia, also offering services in New Zealand, under the brand Gem Finance.

On Thursday, the company disclosed falling victim to a cyberattack that forced it to suspend services and which also resulted in the theft of customer data.

“Latitude Financial has experienced a data theft as the result of what appears to be a sophisticated and malicious cyberattack,” Latitude says in a data breach notice.

The attackers, the company says, stole personal information held by two service providers, which served customers in both Australia and New Zealand.

According to Latitude, the malicious activity appears to have originated from one of its vendors, resulting in compromised employee login credentials that allowed the attackers to access personal information held by the two service providers.

The company says that the attackers stole roughly 100,000 identification documents from the first service provider. Most of these documents are copies of drivers’ licenses.

The attackers also exfiltrated approximately 225,000 customer records from the second service provider, but the company was not clear as to what type of personal information these records contain.

Advertisement. Scroll to continue reading.

“Latitude is continuing to respond to this attack and is doing everything in its power to contain the incident and prevent the theft of further customer data, including isolating and removing access to some customer-facing and internal systems,” the company notes in a notification to Australian Securities Exchange (AXS).

Latitude also says that it has sent notifications to all customers to warn them of the incident and that it will provide further information on the attack as its investigation advances.

The company also underlined that the cyberattack is causing outages that impact its ability to respond to customers.

Based on Latitude’s description of the incident, it’s possible that the company is dealing with a ransomware attack. 

Related: Data Breach at Independent Living Systems Impacts 4 Million Individuals

Related: Hawaii Health Department Says Death Records Compromised in Recent Data Breach

Related: Zoll Medical Data Breach Impacts 1 Million Individuals

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.