Cyber Incident Victim: Latitude Financial Services
Date:
Mar 2023
Location:
Australia
Summary
A cyber-attack on Latitude Financial Services compromised personal data including approximately 7.9 million driver licence numbers and 53,000 passport numbers from Australian and New Zealand customers, with an additional 6.1 million historical records containing names, addresses, and dates of birth stolen. The company confirmed no suspicious activity following the incident, initiated investigations involving law enforcement, and offered ID replacement reimbursement and support services such as dedicated contact centres and collaboration with IDCARE. Latitude acknowledged the distress caused, notified affected individuals, and implemented enhanced security measures while restoring operations, maintaining insurance coverage for cyber risks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around March 16, 2023, Latitude Financial Services experienced a malicious cyber-attack resulting in a significant data breach. The company confirmed no suspicious activity was observed in its systems after that date, indicating the attack likely concluded by then. A forensic investigation revealed the theft of approximately 7.9 million Australian and New Zealand driver licence numbers, with 3.2 million (40%) provided within the last decade. An additional 6.1 million records dating back to at least 2005 were stolen, 94% of which predated 2013. These older records contained personal information such as names, addresses, telephone numbers, and dates of birth, though Latitude clarified not all fields were present in every record. The breach also compromised approximately 53,000 passport numbers and fewer than 100 customers’ monthly financial statements. Latitude engaged the Australian Federal Police and the Australian Cyber Security Centre for investigation support, while initiating notifications to all affected current customers, past customers, and applicants regarding the compromised data. CEO Ahmed Fahour publicly apologized, acknowledging the distressing impact and committing to reimbursing identification document replacement costs for impacted individuals.
Latitude implemented a comprehensive response framework, including dedicated contact centers operating weekdays in Australia and New Zealand and specialized hardship support for vulnerable customers. The company partnered with IDCARE, a not-for-profit cyber incident resource, to provide free assistance via phone referrals using the code LAT23. Mental health support lines were activated in both countries, and website updates maintained current information. Latitude urged affected individuals to obtain credit reports from national agencies to detect unauthorized activity and consider credit bans or suspensions, while cautioning that such measures would temporarily restrict new credit applications. The company emphasized vigilance against phishing attempts, suspicious communications, and password reuse, explicitly stating Latitude would never request passwords or sensitive data. Internally, Latitude restored operational platforms with enhanced security monitoring, citing ongoing efforts to rectify impacted systems. The company confirmed cybersecurity insurance coverage for the incident but did not disclose specific restoration timelines or forensic findings regarding attack methodologies.