Criminals demand ransom payment from Latitude

In a trading update this morning (11 April), Latitude Financial told investors it had received a ransom demand from the criminals behind the major cyber attack on the company.

Latitude stated it would not pay a ransom — a decision consistent with the position of the Australian government.

The matter is under investigation by the Australian Federal Police and Latitude continues to work with the Australian Cyber Security Centre and cyber security experts on its response.

The stolen data the attackers have detailed as part of their ransom threat is consistent with the number of affected customers disclosed by Latitude on 27 March 2023. 

“Latitude will not pay a ransom to criminals,” Latitude Financial CEO Bob Belan said.

“Based on the evidence and advice, there is simply no guarantee that doing so would result in any customer data being destroyed and it would only encourage further extortion attempts on Australian and New Zealand businesses in the future,” he said.

“Our priority remains on contacting every customer whose personal information was compromised and to support them through this process. In parallel, our teams have been focused on safely restoring our IT systems, bringing staffing levels back to full capacity, enhancing security protections and returning to normal operations.

“I apologise personally and sincerely for the distress that this cyber attack has caused and I hope that in time, we are able to earn back the confidence of our customers.”

The lender is currently in the process of contacting all customers, past customers and applicants whose information was compromised, outlining details of the information stolen, the support it is providing and its plans for remediation.

While the lender had gone offline following the attack, it said that business operations were being restored. Latitude’s primary Customer Contact Centre is now back online and operating at full capacity. Customers can also access services via the Latitude website and mobile app.

New customer originations have also recommenced.

The major cyber attack was first revealed via a trading update on 16 March. Since then, Latitude has revealed that around 7.9 million driver’s licence numbers and hundreds of thousands of passport numbers have been stolen.

It is estimated that 6.1 million records dating back to 2005 were also stolen and around 94 per cent of those documents were provided before 2013. Those records included “some but not all” of the personal information: name, address, telephone, and date of birth.

[Related: Millions of ID documents stolen in Latitude attack]