Contents:
Latitude Financial Services, the recently breached Australian loan giant, announces that the number of affected people reaches 14 million.
On March 16, 2023, Latitude disclosed they were the victim of a cyberattack that resulted in 328,000 customer records being exfiltrated. At the moment, it appeared that the leaked data was mostly driver’s licenses.
However, during the investigation, the security team discovered that the impact of the attack was much larger than thought. Researchers now claim the data breach has impacted 14 million customers or loan applicants from Australia and New Zealand. Latitude`s new statement revealed:
As our forensic review continues to progress, we have identified that approximately 7.9 million Australian and New Zealand driver’s license numbers were stolen, of which approximately 3.2 million, or 40%, were provided to us in the last 10 years.
A further approximately 6.1 million records dating back to at least 2005 were also stolen, of which approximately 5.7 million, or 94%, were provided before 2013.
What Kind of Data Was Stolen?
Two weeks ago, Latitude announced hackers breached their internal systems and stole an employee’s login. Further on, threat actors used the credentials to breach two of the company’s service providers and steal customer data.
According to the new statement, 6.1 million customers` full names, addresses, telephone numbers, and dates of birth were exposed. In addition, threat actors managed to steal about 53,000 passport numbers. Owning all the above data enables malicious actors to perform social engineering, phishing, and smishing attacks.
Latitude recommended that affected customers check their credit reports for fraud. The company also offered to cover the costs for the impacted clients who wish to replace their stolen ID documents.
The Australian Federal Police (AFP) is part of the investigations. They recently announced their commitment to helping protect Latitude’s customers and prevent hackers exploit the leaked data.
And if you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.