Latitude Financial Data Breach

Australian lending company and digital payments platform Latitude Financial recently became one of the biggest Australian companies to suffer a major data breach, resulting in cyber criminals gaining access to hundreds of thousands of customer data

Latitude Financial provides credit card services, insurance services, and personal loans and car loans to consumers. The company also provides financial services to Harvey Norman, The Good Guys, Apple, and JB Hi-Fi customers.

If you’re one of the 2.8 million customers that Latitude Financial has across Australia and New Zealand, you might be wondering what this security incident means for you. In this blog, we will discuss what happened in the breach, what types of data were accessed, what the breach means for you, and what you can do if you were affected.

What happened in the Latitude Financial data breach?

In a statement to the ASX published last March 16, Latitude Financial announced that it had detected unusual activity on its systems that appears to be a “sophisticated and malicious cyberattack.” The company believes that the activity began from a major vendor that they use, which is believed to be a back-end infrastructure provider. As a result, the threat actor was able to obtain Latitude Financial login credentials before they were stopped. They then used those details to steal personal data from other service providers.

According to Latitude, approximately 103,000 identification documents, 97% of which are copies of drivers’ licenses, were stolen from the first service provider. Less than 4% were copies of passports or passport numbers, while less than 1% were Medicare numbers. About 225,000 customer records were  pilfered from the second provider.

To prevent more data from being stolen, Latitude Financial revoked access to some customer-facing and internal systems. The company also said that it is working with the Australian Cyber Security Centre (ACSC), had alerted relevant law enforcement agencies, and worked with cyber security specialists to assist with their response regarding the breach.

Aside from these actions, Latitude Financial said that it was contacting customers affected by the attack. “Latitude apologises to the impacted customers and is taking immediate steps to contact them,” the company said in a statement to the ASX. In a later update, Latitude Financial said that they will help affected customers replace identification documents, where necessary, free of charge.

On March 28, Latitude Financial updated its data breach notification, which now says that there are 14 million affected individuals. Of these, 7.9 million Australian and New Zealand drivers’ licence numbers and 6.1 million records dating back to at least 2005 were taken by hackers. 

Latitude Financial is only one of the many companies that recently suffered a major data breach. Last September 2022, telecommunications firm Optus suffered a security incident that exposed 10 million customer accounts. The alleged hacker threatened to sell the data unless Optus paid US$1 million in cryptocurrency. However, they eventually dropped the threat and apologized for the issue they caused.

One month later, private health insurance provider Medibank suffered a similar incident where cyber criminals accessed the account details of 9.7 million current and former customers. This included claims data for 160,000 Medibank customers, 300,000 customers of its budget arm ahm, and 20,000 international clients.

What does the Latitude Financial data breach mean for you?

If you’re a Latitude Financial customer and received a notification from the company, this means that your data might have been affected. It’s also unclear if the ID numbers on the licence cards were accessed. If they were, the breach would be even more concerning.

This is because if cyber criminals get a copy of your licence cards, they could easily commit identity or financial theft. For example, they might use your personal data to open new credit accounts or apply for loans in your name and then leave you with an exorbitant bill and a damaged credit score. They could also use your driver’s license information for fraudulent activities such as creating fake IDs or selling your personal information on the dark web. This is why security experts call drivers’ licenses the “golden ticket” for criminals.

What can you do if you were affected by the breach?

It’s not too late to protect yourself if you were affected by the breach. Here are some steps you can take to ensure that threat actors cannot use your data against you:

Monitor your financial accounts

Keep a close eye on your bank accounts, credit cards, and other financial accounts linked to your personal information for any suspicious activity. For instance, you can set alerts to notify you of any transactions made using your debit or credit card. This way, if you notice any unauthorized activity, you can report the issue to your bank and block the transaction.

Change your passwords immediately

It’s possible that some of your passwords might have been affected by the breach. As such, it’s important to change all of your passwords immediately. Use strong and unique passwords for each account, and use password managers to keep track of them. This way, you can make sure that your accounts are secure without the need to remember all of your passwords.

Turn on multifactor authentication (MFA)

MFA requires users to present another proof of their identity aside from a username and password when accessing an account. This could be a fingerprint or facial scan, one-time PIN, or a security key. By turning on MFA, cyber criminals won’t be able to access your accounts and steal data even if they acquired your login credentials.

Be wary of phishing scams

Cyber criminals may use your stolen data to conduct phishing scams. For instance, they could send fraudulent emails or text messages that claim to be from a legitimate company to steal even more sensitive data. Therefore, avoid clicking on links or download attachments from unsolicited emails as much as possible.