In March 2023, Latitude Financial experienced a significant data breach due to a cyber-attack. The incident led to the theft of personal information of customers, past customers, and applicants in Australia and New Zealand.

How many accounts were compromised?

The breach impacted data related to approximately 14 million individuals.

What data was leaked?

The data exposed in the breach included social security numbers, driver's license numbers, passport numbers, financial information, email addresses, and contact details.

How was Latitude Financial hacked?

The cyber-attack on Latitude Financial led to the theft of personal information of 14 million customers, past customers, and applicants in Australia and New Zealand. While specific methods used by the hackers remain undisclosed, Latitude acted immediately to contain the attack, engaging external cyber-security experts and relevant authorities. The company refused to pay the ransom demanded by the cybercriminals and has since enhanced its security measures to protect personal and identity information.

Latitude Financial's solution

In response to the hacking incident, Latitude Financial took immediate action to contain the attack and engaged with external cybersecurity experts, the Australian Cyber Security Centre, the Australian Federal Police, and relevant government agencies. The company has since conducted a comprehensive review of its security measures and implemented further enhancements to protect the personal and identity information of customers, partners, and employees. Latitude also contacted affected individuals, providing support and reimbursement for the cost of replacing identification documents, while advising customers to set up multi-factor authentication and remain vigilant against potential fraud, scams, and phishing attempts.

How do I know if I was affected?

Latitude Financial notified affected individuals about the breach. If you are a Latitude Financial customer, past customer, or applicant and have not received a notification, you can visit Have I Been Pwned to check if your credentials were affected.

What should affected users do?

In general, affected users should:

1. Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

3. Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

4. Monitor Your Accounts: Keep a close eye on your accounts for any suspicious activity, and report any unauthorized transactions or changes to the appropriate financial institutions or service providers.

For more specific help and instructions related to Latitude Financial's data breach, please visit their Self-Service Support page.

Where can I go to learn more?

If you want to find more information on the Latitude Financial data breach, check out the following news articles:

• A Statement of Notification

• Passports and Medicare stolen in Latitude breach

• Latitude Cyber Incident | Information and support