A Cyber Attack Resulted in the Theft of Latitude’s Customer Data
Latitude has fallen victim to a “sophisticated and malicious” cyberattack, which has led to the theft of approximately 1,03,000 identification documents and 2,25,000 customer records.
Following a cyberattack, Latitude Financial Services (aka Latitude) has revealed a data breach, which has forced the company to close down both internal and customer-facing systems.
As the largest non-bank consumer credit lender in Australia, Latitude is a significant provider of personal loans in the country.
Latitude, a subsidiary of Deutsche Bank and KKR, offers a wide range of consumer finance services such as unsecured personal loans, credit cards, car loans, personal insurance, and interest-free retail finance.
In addition, Latitude offers “Buy Now, Pay Later” (BNPL) programs to major Australian retailers such as JB Hi-Fi, Harvey Norman, The Good Guys, David Jones.
According to Citi analyst Brendan Sproules, the cyberattack could result in short-term expenses ranging from $10 million to $15 million as Latitude takes steps to safeguard customer identities and enlist the services of expert advisors. However, any costs incurred may be offset by cyber insurance policies in place.
The data breach has occurred just a month before the scheduled departure of CEO Ahmed Fahour. He will be succeeded by Bob Belan, the current head of the money unit. This presents an additional challenge for the already struggling lender.
Latitude has reported that over 97% of the 1,03,000 stolen ID documents were duplicates of driver’s licenses taken from the first service provider, while the second service provider had approximately 2,25,000 customer records stolen.
As part of its response to the incident, Latitude has closed down various internal and customer-facing systems, and is continuing to work on containing the attack and preventing any additional breaches or theft of customer data.
In an ASX announcement, Latitude expressed its apologies to the affected customers and stated that it is taking prompt action to reach out to them.
“Latitude’s priorities are to ensure the continued security of our customers, employees, and partners while also maintaining service delivery,” the company stated, promising to provide further updates to the ASX.
