*Latitude Letter and Advice about Cybersecurity matter sent to millions in Australia
*The Sydney Times reproduces and shares the latest Letter and Information with Advice from Latitude to its customers
Latitude recently experienced a significant and malicious cyber-attack which resulted in data being stolen from our systems. It is with deep regret that I am sharing with you that some of your personal information was compromised.
As Latitude’s CEO, I want to apologise for the impact that this incident has had on you. Know that we are committed to helping you through this process and hope that, in time, we are able to win back your trust.
This email explains what happened, the support we are offering you and the precautions we recommend you take to lower the risk of your information being potentially misused. Be assured, if you choose to replace your licence, we will reimburse you.
Please take a moment to review the information below and contact us with any additional questions or concerns that you may have. Our dedicated customer service team is ready to help and can be reached on (AU) 1300 793 416 or (NZ) 0800 777 885, 9am – 6pm (AEST/NZST), Monday – Friday.
You can also stay up to date with the latest information on this matter by visiting our website: latitudefinancial.com.au/latitude-cyber-incident
Again, please accept my sincere apology. Know that we are working around the clock to restore our systems safely and to ensure that you are supported throughout this process.
Chief Executive Officer
Latitude Financial Services
What kind of information has been impacted?
We have so far identified that the attack resulted in the following kinds of your personal information being compromised. This information was collected from you at the time you applied for credit from Latitude or our predecessor companies.
- The driver licence number you provided us as part of your application.
- The personal information you provided us as part of your application which, where applicable, included your full name, address, date of birth and phone number.
If we identify any other of your personal information has been compromised, we will notify you as quickly as possible.
Latitude experienced a malicious cyber-attack that has resulted in a data theft.
Our investigation has identified that the attacker used compromised login credentials, obtained via a third-party, to access Latitude’s network and steal personal information.
We immediately alerted relevant authorities and law enforcement agencies, including the Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP), and engaged external cyber security specialists to work alongside our own teams.
This crime is now under investigation by the AFP.
We also notified the Office of the Australian Information Commissioner (OAIC) and the New Zealand Office of the Privacy Commissioner (OPC) about this incident on 16 March 2023, and we continue to update them on developments.
Steps we are taking to help you
Identity Information Compromised
Please visit our website latitudefinancial.com.au/latitude-id-information/identity-information for guidance on what to do because you have had identity information compromised.
Please read the guidance carefully. In some cases, you may not need to replace your identity document.
Latitude Dedicated Contact Centre
We have established dedicated contact centres which can be reached on (AU) 1300 793 416 or (NZ) 0800 777 885, 9am – 6pm (AEST/NZST), Monday – Friday.
Our teams can help you understand the information provided in this email. Please be aware that wait times may be much longer than we would like.
Support is available for customers who are in a uniquely vulnerable position as a result of this incident. Our dedicated contact centre teams will be able to provide direct access to the support we have available.
Latitude has partnered with IDCARE, Australia and New Zealand’s national identity and cyber support community service. They have expert Case Managers who can work with you in addressing concerns in relation to personal information risks and any instances where you think your information may have been misused. IDCARE’s services are at no cost to you.
If you wish to speak with one of their expert Case Managers, please visit idcare.org or call (AU) 1800 595 160 or (NZ) 0800 121 068, 8am – 5pm AEST/10am – 7pm NZST, Monday – Friday (excluding public holidays).
When engaging IDCARE, please use the referral code LAT23.
Mental Health Support Line
Mental Health and Wellbeing Support is also available free of charge through our Support Lines on (AU) 1800 808 374 or (NZ) 0800 808 374.
Make a complaint
You have the right to make a complaint to us in the first instance, or to the OAIC or OPC at their websites: oaic.gov.au/privacy/privacy-complaints/what-you-can-complain-about and privacy.org.nz/your-rights/making-a-complaint
Steps you can take to protect yourself
There are immediate precautions that you can take:
You can contact one of Australia’s credit reporting agencies for a credit report to check if your identity has been used to obtain credit without your knowledge.
In New Zealand, you can check your credit record to confirm if your identity has been used to obtain credit without your knowledge. For further information, please refer to:
- You can also request the agencies to place a credit ban or suspension on your credit file via their website or by contacting them directly. While a ban or suppression is in place it may be more difficult for you to apply for credit. For example, a credit provider may need to collect more personal information directly from you.
You can find information on how you can protect yourself from the Australian Government at cyber.gov.au or the New Zealand Office of the Privacy Commissioner at privacy.org.nz/resources-2/protecting-yourself-from-a-privacy-breach
Be alert for any phishing scams that may be sent via SMS, phone, email or post.
You should always verify the sender of any communications you receive to ensure they are legitimate.
You should never click on links contained in SMS or email messages unless you know they are from a legitimate source.
Be careful when opening or responding to texts from unknown or suspicious numbers.
Be careful when answering calls from private numbers or callers originating from unusual geographic locations.
You should regularly update your passwords and ensure they are strong. You should use multi-factor authentication where possible.
The latest information is available on our dedicated webpage: latitudefinancial.com.au/latitude-cyber-incident
On behalf of the team at Latitude, I am very sorry that I have had to send you this email. Thank you for your understanding and patience.