Latitude Financial data breach surpasses 14 million records; PII, driver’s licenses and passport numbers hijacked by threat actors

The Latitude Financial data breach has passed 14 million exposed customers' records.

According to the most recent cybersecurity incident update from the Australian consumer credit company, the hackers who breached their internal systems on March 16 ran off with much more customer-facing data than initially believed.

As of March 27, Latitude says that data of over 14 million Australian and New Zealand customers was stolen during the cyberattack, including:

• 7.9 million driver's license numbers – 40% of which were provided by consumers in the last ten years
• 6.1 million records dating back to at least 2005 – 94% of which were provided by consumers before 2013. This data includes name, address, telephone number and date of birth
• 53,000 passport numbers
• Financial statements from approximately 100 customers

While the company’s forensic investigation is ongoing, Latitude has emphasized that it is in the process of contacting impacted individuals via email and post and will reimburse customers “who choose to replace their stolen ID document.”

"It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident”, Latitude Financial CEO Ahmed Fahour said.

"We are committed to working closely with impacted customers and applicants to minimise the risk and disruption to them, including reimbursing the cost if they choose to replace their ID document,” Fahour added."We urge all our customers to be vigilant and on the look-out for suspicious behaviour relating to their accounts. We will never contact customers requesting their passwords.”

What should consumers do?

Latitude has advised impacted individuals to take some proactive measures to protect against identity theft, such as:

• Checking their credit report for inaccurate information or fraudulent credits
• Freezing their credit
• Staying vigilant against social engineering schemes, including phishing via email, phone or text
• Not sharing sensitive information, including passwords, with individuals who contact you out of the blue or state are a Latitude employee
• Reporting any suspicious activity to the police and Australian Cyber Security Centre

Are you struggling to manage your digital identity and safety amidst the data breach pandemic?

With Bitdefender Digital Identity Protection, you can instantly check if your data has been involved and leaked in a breach, what information was exposed, and assess your risks.

Our identity protection service scours the internet (and Dark Web) for bits of information and tracks them back to your identity while also checking for any leaked passwords and immediate threats to your privacy and digital security – 24/7. So not only can you see your digital footprint at a glance, but you also get recommended steps to take for each account involved in a data breach.