technology

Payments firm Latitude Group fears 328,000 IDs stolen in cyber attack


Australian digital payments and lending firm Latitude Group Holdings said on Thursday a hacker had stolen personal information of around 328,000 customers held by two service providers through employee login credentials.

About 103,000 identification documents, more than 97% of which are copies of drivers’ licences, were stolen from the first service provider, while about 225,000 customer records were stolen from the second service provider.

Latitude said it had detected unusual activity on its systems over the last few days originating from one of its “major” vendors, but did not disclose its identity.

“The attacker was able to obtain Latitude employee login credentials before the incident was isolated,” the company said in an exchange filing.

Latitude, which provides consumer finance services to the country’s major retailers including Harvey Norman and JB Hi-Fi, said it was attempting to contain the situation and stop the theft of additional consumer data.

The loans, credit card and insurance provider also said it was working with the Australian Cyber Security Centre and relevant authorities to investigate the attack.

Discover the stories of your interest


Shares of the firm were halted as at 0250 GMT. “While early days, there is undoubtedly going to be a short-term cost impact,” analysts at Citigroup said in a note.

“Costs of A$10 million to A$15 million could be a reasonable estimate based on the respective size of businesses and customer bases, but could be mitigated by cyber insurance.”

Latitude Group, owned nearly 64% by an entity controlled by KKR, has recently been focusing on attempts to reduce costs, including selling its Hallmark insurance business and also exiting the buy-now pay-later space in the Australia-New Zealand market.

Readers Also Like:  Communications blackout and spiraling hunger compound misery in Gaza Strip as war enters 11th week

Earlier in the day, intellectual property services provider IPH Ltd also flagged unauthorised access to a portion of its IT environment.

Australia has been hit by a slew of cyber attacks since late last year, with health insurer Medibank Private and Optus, the local unit of Singapore Telecommunications being the largest victims.

Stay on top of technology and startup news that matters. Subscribe to our daily newsletter for the latest and must-read tech news, delivered straight to your inbox.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.