Federal police investigate Latitude cyber attack, impact widens

27 March 2023

The Australian Federal Police are investigating a malicious cyber attack on Latitude Financial that has led to the theft of documentation details provided by millions of people.

In an update today Latitude says about 7.9 million Australian and New Zealand driver licence numbers were stolen, of which 40% were provided in the past 10 years, as well as some 53,000 passport numbers and monthly financial statements for less than 100 customers.

In addition, about 6.1 million records dating back to at least 2005 were taken, with about 94% of those given before 2013. The records include some but not all of: names, addresses, telephone numbers and dates of birth.

“It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologise unreservedly,” CEO Ahmed Fahour said.

“We are committed to working closely with impacted customers and applicants to minimise the risk and disruption to them, including reimbursing the cost if they choose to replace their ID document. We are also committed to a full review of what has occurred.”

Latitude says it’s working with the Australian Cyber Security Centre and expert cyber security advisers on the attack and has notified its insurers.

The company, which reported the attack on March 16, says that to the best of its knowledge no suspicious activity has been observed on the company’s systems since then.