Consumer finance provider Latitude Financial has reported that it was hit by a cyber attack that resulted in the theft of identification documents of 328,000 customers, including driver’s license details of about 100,000 customers.
The company provides finance services to several retailers, including Harvey Norman, JB Hi-Fi, The Good Guys, Apple, and David Jones. It has not confirmed if customers using financing from these companies were affected by the breach. Latitude has apologized to impacted customers and is taking immediate steps to contact them.
According to the company, the details were stolen from service providers it uses, but it did not clarify further.
The attack appears to have used employee login credentials to steal personal information that was held by two other service providers. Latitude is working with the Australian Cyber Security Centre (ACSC) and has alerted relevant law enforcement agencies.
The incident follows recent major cyber attacks at Optus and Medibank. Analysts expect that the incident will trigger a multi-million dollar bill, but the longer-term damage is harder to assess. The attack highlights the need for Australian companies to think hard about password and identity management.
Cyber Security Minister Clare O’Neil said that the incident is another reminder for everyone in the community to be vigilant about their personal cybersecurity.
Latitude has been placed into a trading halt until a further update is released about the hack attack in coming days.
The stock last traded at $1.20. Investors paid $2.60 for shares when it listed on the ASX less than two years ago. Longer term, the impact on the business is more difficult to gauge as it is unclear what the extent of the incident will be and how much franchise damage it will cause.