So far, more than 330,000 customers had been impacted by the cyberattack
Latitude Financial has announced that it will cover the cost of replacing customers’ identification documents after a cyberattack exposed the data of more than 300,000 people.
The Melbourne-based Australian finance company operated Genoapay, Gem Visa, and GO Mastercard as well as 28° Global, Infinity Rewards, and Low Rate credit cards, Latitude personal loans and vehicle loans.
In an announcement to the Australian share market, the company said an attacker appeared to have stolen personal information that was held by two Latitude service providers, affecting customers across Australia and New Zealand.
Ahmed Fahour, Latitude Financial Services CEO, said due to the attack remaining active, its platforms had to be taken offline and were unable to service customers or retailers, Stuff reported.
“We cannot restore this capability immediately; however, we are working to do so gradually over the coming days and ask our customers for their continued patience,” Fahour said.
To date, roughly 330,000 customers and applicants had been confirmed to have had their personal information stolen. Of the stolen customer data, roughly 96% were copies of drivers’ licences or driver licence numbers, less than 4% were copies of passports or passport numbers, and less than 1% were Medicare numbers.
“As our review deepens to include non-customer originating platforms and historical customer information, we are likely to uncover more stolen information affecting both current and past Latitude customers and applicants,” Fahour said. “We will provide a further update when we have more information to share.”
On Monday, four days after the attack started, Latitude began contacting those who were impacted to inform them what personal information had been stolen. The company said it was working with relevant agencies to replace impacted customers’ identification documents, where necessary, free of charge.
But Genoapay customer Terence Osmena said he’d had no communication from the company.
“I spent $38 replacing my driver’s licence, and still haven’t heard from anyone at Genoapay. I did this on my own to protect myself,” he said.
Osmena said the company was taking too long to get in touch with potentially affected customers.
“They could have still told individuals without breaching any legal requirements from Genoapay,” he said. “This also meant the window of opportunity where a crime could be committed was wider than it should have been.”
Fahour said Latitude was still assessing the anticipated total cost of the incident to the company.
The Australian Federal Police is investigating the attack.
Customers could also reach out to Equifax or Centrix to confirm if their identity had been used to obtain credit without their knowledge, Stuff reported.
Have experience with a cyberattack? Let us know in the comment section below.
