Hackers Breach Australia’s Latitude Financial, Making off with 300,000 Customer Records, Including Drivers’ Licenses

Australia’s Latitude Financial has had a run-in with hackers, resulting in the theft of more than 300,000 customer records, including drivers’ licenses.

Latitude is a financial services company with headquarters in Melbourne, Victoria, which does business in New Zealand under the name Gem Finance.

It offers unsecured personal loans, credit cards, car loans, personal insurance and interest-free retail finance. It holds a 6% share of Australia’s personal lending market, making it the biggest non-bank lender of consumer credit down under.

Visitors to latitudefinancial.com.au today are greeted by a red banner saying:

“Latitude is responding to a cyber-attack that has resulted in the theft of some customer data. We are currently experiencing disruption to services while we work to contain the attack and we apologise for the inconvenience. For further information and updates please visit our dedicated help page."

According to a cyber incident memo filed to Australia’s Securities Exchange, Latitude recently detected unusual activity on its systems “that appears to be a sophisticated and malicious cyber-attack.”

“The activity is believed to have originated from a major vendor used by Latitude,” the company says.

The hackers allegedly managed to obtain employee login credentials, likely by socially-engineering an unsuspecting or distracted staffer, and used that privileged access to make off with:

• approximately 103,000 identification documents, more than 97% of which are copies of drivers’ licenses
• approximately 225,000 customer records (Latitude doesn’t detail the specific data involved)

To prevent further theft of customer data, Latitude has isolated and removed access to some customer-facing and internal systems.

In a separate update on its website, the company says no action is required by customers at this stage, though it recommends they maintain “a normal level of vigilance on their accounts” and report any suspicious activity through the company’s customer care team.

The incident bears the telltale signs of a ransomware attack, meaning there is a good chance those 300,000+ stolen records might end up for sale on hacking forums soon - if the victim company doesn’t cede to the hackers’ demands.