Latitude Monetary has revealed it has been hit by a classy and malicious cyberattack that has compromised a complete of 328,000 separate items of information that it had sourced from its clients.
The loans, bank card and insurance coverage supplier mentioned it had detected uncommon exercise on its programs over the previous few days that was believed to have originated from a significant vendor utilized by Latitude.
The corporate mentioned the attacker appeared to have used worker login credentials to steal private data that was being held by two different of Latitude’s service suppliers.
In a press release to the ASX on Thursday morning, Latitude mentioned roughly 103,000 identifications paperwork – 97% of which have been drivers’ licences – have been stolen from the primary service supplier, whereas 225,000 buyer data have been stolen from a second.
“Latitude is constant to answer this assault and is doing every little thing in its energy to include the incident and forestall the theft of additional buyer knowledge,” it mentioned. “This contains isolating and eradicating entry to some customer-facing and inner programs.”
Latitude mentioned it was working with the Australian Cyber Safety Centre and had alerted related legislation enforcement companies and engaged a number of cybersecurity specialists to help with a response.
“Latitude will cooperate with authorities to analyze this assault. Our priorities are to make sure the continued safety of our clients, our workers and our companions whereas persevering with to ship companies.”
Latitude Monetary’s service provider companions embrace Harvey Norman, City Republic and David Jones, based on The Australian, which reported the latter signed a bank card provide deal in January.
The Latitude cyberattack is the newest in a collection of main cybersecurity breaches in Australia, with Optus and Medibank amongst these corporations focused.
