Latitude Financial, a consumer lending company based in Australia, has refused to pay a ransom to hackers who stole millions of personal records in what has been described as one of the country’s biggest data heists. Last month, the firm disclosed that hackers had stolen the personal information of around 14 million Australian and New Zealand customers, including driving licenses, passport numbers, and other sensitive data.
Latitude Financial has since received a ransom demand from the group responsible for the cyber attack, which it is ignoring, in line with advice from the Australian government. “We will not reward criminal behavior, nor do we believe that paying a ransom will result in the return or destruction of the information that was stolen,” the company said in a statement to the Australian Stock Exchange.
The company, which did not reveal the exact demands made by the hackers, added that paying the ransom would only encourage further extortion attempts. This is in line with the position of the Australian government, which has warned against paying ransoms to cybercriminals as it only fuels the ransomware business model.
The stolen data includes 7.9 million Australian and New Zealand driving licenses and 53,000 passport numbers, as well as 6.1 million other records dating back to at least 2005. This information included names, addresses, telephone numbers, and dates of birth.
The Latitude Financial data breach is just one of several high-profile cyber attacks in Australia in recent months. Other companies, including Australia’s largest private health insurer, Medibank, and telecommunications company Optus, have also been targeted by hackers in separate attacks. In each case, authorities have warned against paying ransoms and urged companies to take proactive measures to secure their networks.
Official ASX Announcement on the Cyber Incident
Official release from Latitude Financial dated 16th March, 2023
Latitude Financial (ASX: LFS) has detected unusual activity on its systems over the last few days that appears to be a sophisticated and malicious cyber-attack. The activity is believed to have originated from a major vendor used by Latitude.
While Latitude took immediate action, the attacker was able to obtain Latitude employee login credentials before the incident was isolated. The attacker appears to have used the employee login credentials to steal personal information that was held by two other service providers.
As of today, Latitude understands that approximately 103,000 identification documents, more than 97% of which are copies of drivers’ licences, were stolen from the first service provider. Approximately 225,000 customer records were also stolen from the second service provider.
Latitude apologises to the impacted customers and is taking immediate steps to contact them. Further updates will be provided to the ASX and on Latitude’s website.
Latitude is continuing to respond to this attack and is doing everything in its power to contain the incident and prevent the theft of further customer data, including isolating and removing access to some customer-facing and internal systems.
We are working with the Australian Cyber Security Centre, have alerted relevant law enforcement agencies and engaged several cyber security specialists to assist with Latitude’s response.
Latitude will cooperate with authorities to investigate this attack. Our priorities are to ensure the ongoing security of our customers, our employees and our partners while continuing to deliver services.
Authorised for release to the ASX by the Company Secretary, Vicki Letcher.
The Australian Home Affairs Minister, Clare O’Neil, has described the hackers responsible for these attacks as “scummy criminals” who prey on companies and individuals. She added that giving in to extortion only serves to further fuel the ransomware business model and puts more companies and individuals at risk.
As the frequency and severity of cyber attacks continue to increase, it is essential that businesses and individuals take the necessary steps to protect their data and networks. This includes implementing strong cybersecurity measures, regularly backing up data, and avoiding paying ransoms to cybercriminals.
Authorities are urging companies to remain vigilant and take proactive measures to secure their networks against potential cyber-attacks. This includes educating employees on how to identify and report suspicious activity, regularly updating security software, and implementing multi-factor authentication for all accounts.
The Australian government has also been working to improve its cybersecurity defenses, investing millions of dollars in cybersecurity initiatives and launching a new Cyber Security Strategy. This includes the establishment of the Australian Cyber Security Centre (ACSC), which is responsible for providing cybersecurity advice and assistance to government agencies, businesses, and individuals.
Despite these efforts, cyber attacks remain a significant threat to Australian businesses and individuals. The Australian Cyber Security Centre has reported a sharp increase in the number of cyber attacks targeting Australian organizations in recent years, with ransomware attacks being particularly prevalent.
As businesses continue to rely more on digital systems and services, it is essential that they prioritize cybersecurity and take proactive measures to protect their networks and data. By working together with government agencies and other organizations, they can help to create a more secure and resilient cybersecurity landscape for all Australians.