Latitude Monetary has revealed a cyber assault and knowledge breach that impacts roughly 225,000 clients, together with unauthorized entry to only shy of 100,000 copies of driver’s licenses.
The monetary providers firm, which provides loans, insurance coverage and digital cost merchandise, entered a buying and selling halt on the Australian Securities Change this morning.
The corporate stated that “uncommon exercise” was detected on programs; it stated the exercise “is believed to have originated from a significant vendor” it engages.
The attacker obtained Latitude worker login credentials earlier than the incident was remoted, the corporate stated [pdf]and that allowed them to “steal private info that was held by two different service suppliers”.
Latitude didn’t establish these service suppliers.
“As of immediately, Latitude understands that roughly 103,000 identification paperwork, greater than 97 p.c of that are copies of driver’s licenses, have been stolen from the primary service supplier,” it stated.
“Roughly 225,000 buyer information have been additionally stolen from the second service supplier”, it added, with out detailing the extent of knowledge these buyer information held.
The corporate stated it’s “doing all the things in its energy to comprise the incident and stop the theft of additional buyer knowledge”.
That features taking down some customer-facing inner programs, Latitude stated.
Additionally it is working with the Australian Cyber ​​Safety Centre, has alerted “related” legislation enforcement companies, and has engaged “a number of cyber safety specialists”.
