Firstmac, an Australian non-bank lender, recently fell victim to a cyberattack that resulted in the theft of sensitive customer data including tax file numbers and dates of birth. The Brisbane-based company, which specializes in home loans and collects term deposits, alerted its customers to the breach via an email sent on Tuesday morning. This cyberattack is part of a worrying trend among financial institutions, with similar incidents reported at Latitude Financial and Suncorp, highlighting an increasing vulnerability within the sector.
The security breach at Firstmac was discovered when an unauthorized third party accessed parts of the company’s IT system. This intrusion led to the compromise of personal information such as names, contact details, and financial data of customers. Firstmac quickly responded by conducting an investigation, which is ongoing, to understand the full scope and impact of the incident. They also engaged forensic experts to aid in their analysis and ensure that appropriate measures are taken to secure their systems.
In response to the breach, Firstmac has taken proactive steps to support affected customers. The company has partnered with IDCare, an identity and cyber support service, to provide free assistance to those impacted. Additionally, Firstmac advised customers to be alert for possible scams and recommended contacting the Australian Tax Office to enable extra monitoring on their accounts, a precaution aimed at preventing potential misuse of stolen data.
Firstmac’s handling of the incident underscores its commitment to transparency and customer care, in line with the values of the family-owned business. They have assured stakeholders that communication will continue to be clear and timely throughout the investigation process. This breach serves as a critical reminder of the persistent cybersecurity threats facing the financial industry and the importance of robust security practices to safeguard sensitive customer information.
