latitude group cyber attack: Payments firm Latitude Group fears 328,000 IDs stolen in cyber attack

Australian digital funds and lending agency Latitude Group Holdings mentioned on Thursday a hacker had stolen private info of round 328,000 clients held by two service suppliers by worker login credentials.

About 103,000 identification paperwork, greater than 97% of that are copies of drivers’ licences, had been stolen from the primary service supplier, whereas about 225,000 buyer data had been stolen from the second service supplier.

Latitude mentioned it had detected uncommon exercise on its methods over the previous couple of days originating from certainly one of its “main” distributors, however didn’t disclose its identification.

“The attacker was capable of receive Latitude worker login credentials earlier than the incident was remoted,” the corporate mentioned in an trade submitting.

Latitude, which supplies shopper finance providers to the nation’s main retailers together with Harvey Norman and JB Hello-Fi, mentioned it was making an attempt to comprise the scenario and cease the theft of further shopper knowledge.

The loans, bank card and insurance coverage supplier additionally mentioned it was working with the Australian Cyber Safety Centre and related authorities to analyze the assault.

Uncover the tales of your curiosity

Shares of the agency had been halted as at 0250 GMT. “Whereas early days, there’s undoubtedly going to be a short-term value affect,” analysts at Citigroup mentioned in a word.

“Prices of A$10 million to A$15 million may very well be an inexpensive estimate based mostly on the respective dimension of companies and buyer bases, however may very well be mitigated by cyber insurance coverage.”

Latitude Group, owned almost 64% by an entity managed by KKR, has not too long ago been specializing in makes an attempt to scale back prices, together with promoting its Hallmark insurance coverage enterprise and likewise exiting the buy-now pay-later area within the Australia-New Zealand market.

Earlier within the day, mental property providers supplier IPH Ltd additionally flagged unauthorised entry to a portion of its IT atmosphere.

Australia has been hit by a slew of cyber assaults since late final yr, with well being insurer Medibank Non-public and Optus, the native unit of Singapore Telecommunications being the most important victims.

Keep on high of know-how and startup information that issues. Subscribe to our day by day e-newsletter for the most recent and must-read tech information, delivered straight to your inbox.