Add Category
Latitude said it would begin contacting affected customers on Monday, and has engaged services to help them, including a dedicated contact centre.
Last Thursday, Latitude revealed it had been the victim of a hacking incident and that 328,000 customers had identification documents stolen.
Department store David Jones recently signed up Latitude for consumer finance services. Credit:Simon Schluter
The company said the details were stolen from its service providers. The company did not clarify further, but this is believed to refer to companies that provide corporate services to Latitude.
Latitude said described the hack as “a malicious and sophisticated cyberattack” and said it had removed access to some customer-facing and internal systems.
Unusual activity was noticed on its network earlier last week, originating from a major vendor it uses, it said.
“While Latitude took immediate action, the attacker was able to obtain Latitude employee login credentials before the incident was isolated,” the company said last week.
Latitude is working with the Australian Cyber Security Centre and said it had alerted relevant law enforcement agencies.
Latitude provides consumer finance services to Harvey Norman, JB Hi-Fi, The Good Guys, Apple and recently signed David Jones.
“No David Jones customer data have been compromised in the course of this incident because we have not yet transitioned our card program to Latitude. That will happen in 2024,” a spokesman for David Jones said.
Loading
Latitude was placed into a trading halt last Thursday and will remain suspended until Wednesday while further updates are made about the hack. Its stock last traded at $1.20. Investors paid $2.60 for shares when it listed on the ASX less than two years ago.
The attack follows recent major cyberattacks at Optus and Medibank.
Optus was the victim of a major breach in September, when hackers obtained the data of 10 million of its customers.
The Medibank attack in October was more serious, as criminals accessed basic account details of 9.7 million current and former customers as well as health claims data for about 160,000 Medibank customers, 300,000 customers of its budget arm, ahm, and 20,000 international customers.
The hackers began leaking some stolen data onto the dark web. Medibank still faces lawsuits and an investigation by the Office of the Australian Information Commissioner over its handling of the incident.
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.