Latitude hack now under state investigation as customers struggle to protect their accounts
The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase


Latitude Financial has revealed that a cyber attack that hit the company last week is now under investigation by the Australian Federal Police (AFP).
The company said on 16 March that it had detected unusual activity on its systems. Today, it confirmed that the activity is a sophisticated and malicious cyber attack which is still ongoing.
Latitude has taken its systems offline and is unable to service its customers or merchant partners, it said. However, it’s aiming to restore its platform “gradually” over the next few days.
Taking the systems offline has already impacted a score of its customers, who are reporting various issues.
One user complained on Twitter that they were unable to make changes to their account, such as setting a new password, because they couldn't access it while the relevant systems were offline.
“Unfortunately, we have restricted access to internal and customer-facing systems,” replied a customer service agent. “This is to ensure we contain the security breach. I understand it's really frustrating not being able to log in.”
Other users were unable to make payments as a result of systems being taken offline, and one said it was the second time their data had been accessed in recent times, with the first being through the major ransomware attack on Medibank in October 2022.
As well as the AFP, the financial services company has also engaged the Australian Cyber Security Centre (ACSC), cyber security experts, and other government agencies.
“Our people are working around the clock to contain the attackers. We have taken the prudent action of isolating some of our technology platforms which means that we are currently not onboarding new customers,” Latitude said.
“In conjunction with our cyber security experts, we are continuing our forensic review of our IT platforms to identify the full extent of the theft of customer information as a result of the attack on Latitude.”
Latitude has confirmed that around 330,000 customers and applicants have had their personal information stolen so far, around 96% of which relates to the theft of driving licences or licence numbers.
The remaining stolen data comprised copies of passports or passport numbers, and Medicare numbers, at 4% and 1% respectively, by Latitude's estimates.
However, the company said that it’s likely to discover more stolen information affecting current and past Latitude customers and applicants, as it continues with a forensic review which will now include “non-customer originating platforms and historical customer information”.
The Melbourne financial firm, which provides credit cards, insurance, and loans to consumers and businesses, is set to contact each impacted individual to confirm what personal information has been stolen.
It will work with relevant agencies to replace identification documents at no cost to Latitude customers. Latitude has also enlisted IDCARE, a charity that provides support to individuals or businesses that suffer a cyber attack.
Latitude also confirmed that it has cyber security insurance and has notified its insurers of the cyber attack.
“While we continue to deliver transactional services, some functionality has been affected resulting in disruption,” said Ahmed Fahour, CEO at Latitude.
“We are working extremely hard to restore full services to our customers and merchant partners and thank them for their patience and support. We understand their frustration.”
Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.