Latitude Financial Data Breach Investigation
Register for the Latitude data breach investigation
Are you a current or former customer of Latitude Financial?
Hayden Stephens and Associates and Gordon Legal are investigating a major security breach at Latitude, a financial services company.
Latitude has confirmed that the following details have been stolen as a result of the breach:
7.9 million driver’s license numbers;
53,000 passport numbers; and
6.1 million customer records which include personal information.
Some customers also had their monthly financial records stolen, however this numbered less than 100 current and former customers.
Latitude have also identified that there may have been further theft of personal information, which has affected past and present customers across Australia and New Zealand.
We encourage you to register to ensure that you will get regular updates on any potential legal action and compensation that may be sought on your behalf. The information that you provide to us will only be used to assist us in this legal investigation: we will not contact you for any other purpose.
Latitude Data Breach Timeline
Latitude Financial (ASX: LFS) updated the Australian Stock Exchange:
"Latitude Financial (ASX: LFS) has received a ransom demand from the criminals behind the cyber-attack on our company.
Latitude will not pay a ransom. This decision is consistent with the position of the Australian Government."
Latitude Financial CEO Bob Belan said:
“Latitude will not pay a ransom to criminals. Based on the evidence and advice, there is simply no guarantee that doing so would result in any customer data being destroyed and it would only encourage further extortion attempts on Australian and New Zealand businesses in the future.
Our priority remains on contacting every customer whose personal information was compromised and to support them through this process.
In parallel, our teams have been focused on safely restoring our IT systems, bringing staffing levels back to full capacity, enhancing security protections and returning to normal operations.
I apologise personally and sincerely for the distress that this cyber-attack has caused and I hope that in time we are able to earn back the confidence of our customers."
Frequently Asked Questions
How long does it take to register?It's quick and easy to register. It should take you less than a minute to register your interest.
Can I use my mobile phone to register?Yes, our registration page is optimised for mobile devices.
What is the Latitude Financial data breach investigation about?Hayden Stephens and Associates and Gordon Legal are investigating a major security breach at Latitude, a financial services company. Latitude has confirmed that the following details have been stolen as a result of the breach: 7.9 million driver’s license numbers; 53,000 passport numbers; and 6.1 million customer records which include personal information. Some customers also had their monthly financial records stolen, however this numbered less than 100 current and former customers. Latitude have also identified that there may have been further theft of personal information, which has affected past and present customers across Australia and New Zealand. We encourage you to register to ensure that you will get regular updates on any potential legal action and compensation that may be sought on your behalf. The information that you provide to us will only be used to assist us in this legal investigation: we will not contact you for any other purpose.
Who is eligible to participate in the Latitude investigation?Anyone who is an existing or former Latitude Financial customer, or who has been notified by Latitude that their personal information has been exposed, is eligible to register.
What information do I need to register for the Latitude data breach investigation?In order to register, you will need to provide us with your name, email address and phone number. Registering for this class action is confidential, and information you provide will be used for no purpose other than to keep you updated on the progress of this investigation or advising you of other class actions or legal services we provide.
I am no longer a customer of Latitude, can I still register?Yes, former customers are eligible to register.
Why should I register?By registering, you will gain access to updates about the case, as well as reminders of important court event dates should the matter move forward. This is an extremely serious data breach, and we encourage you to stay informed. Registering is confidential, and obligation free.
How much does it cost to register?Registering for the data breach investigation is completely free of charge. You do not need to pay anything to join.
What is a OAIC investigation?The OAIC (Office of the Australian Information Commissioner) data breach investigation is an inquiry conducted by the Australian government agency responsible for privacy and data protection matters. When an organisation experiences a data breach involving personal information, the OAIC investigates to determine whether the organisation has complied with relevant data protection regulations, including the Privacy Act 1988 (Cth). The OAIC's data breach investigation aims to identify the root cause of the data breach, assess the extent of harm caused, and take necessary steps to minimise the risks and damages to affected individuals. The OAIC has the power to order compensation, demand corrective actions, and impose fines or other penalties on organisations that violate data protection laws. During an OAIC data breach investigation, the organisation under investigation is required to provide evidence and cooperate with the OAIC investigators. The investigation process is conducted in a fair and impartial manner, with the OAIC acting as an independent regulator to ensure that organisations protect the privacy and personal information of their customers and employees.
What is a class action?A class action, also known as a representative or group proceeding, is a legal process in Australia where one person represents a group of individuals who have experienced similar harm or loss due to the actions or negligence of the same party or parties. This type of legal action offers an efficient and cost-effective way for multiple people with comparable claims to collectively seek compensation or justice, especially when pursuing individual claims would be too costly or complicated. In Australia, class actions are governed by the Federal Court of Australia Act 1976 (Cth) and relevant state-based legislation, depending on the jurisdiction involved. To start a class action, there must be at least seven people with claims against the same party or parties that stem from similar circumstances and involve common legal or factual issues. The representative person is responsible for pursuing the claim on behalf of the entire group. Any judgment or settlement reached in the class action applies to all group members, unless they have chosen to opt out of the proceeding.
Latitude Data Breach News
18 June 2023
26 May 2023
22 May 2023
17 May 2023
12 May 2023
10 May 2023
8 May 2023
27 April 2023
21 April 2023
Information & Data Manager
15 April 023
14 April 2023
11 April 2023
3 April 2023
9 News Australia
1 April 2023
29 March 2023
28 March 2023
9 News Australia
The Sydney Morning Herald
Tech Business News
9 News Australia
Business News Australia
27 March 2023
The Canberra Times
Australian Financial Review
20 March 2023
18 March 2023
17 March 2023
16 March 2023
If you have been affected by the Latitude data breach, we encourage you to look at the following resources to help protect yourself:
Australian Cyber Security Centre (ACSC)
The Australian Cyber Security Center (ACSC) provides advice and information about how to protect you, your family and your business online. They lead the Australian Government's efforts to improve cyber security and provide current alerts, and useful resources to help you protect yourself online. ReportCyber is a secure reporting service for cybercrime and online incidents for investigation by law enforcement.
Visit the ACSC website: https://www.cyber.gov.au/
Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams. The ACCC and Scamwatch ask that you report scam-related events. This information is used to keep Australians informed about the latest scams in circulation and to collaborate with the industry to look for innovative ways to disrupt scams.
Medibank Private data breach
Visit the Scamwatch website: https://www.scamwatch.gov.au/
IDCARE is Australia and New Zealand’s national identity & cyber support service. Our service is the only one of its type in the world. We have helped thousands of Australian and New Zealand individuals and organisations reduce the harm they experience from the compromise and misuse of their identity information by providing effective response and mitigation.
Visit the IDCARE website: https://www.idcare.org/
The NSW Government is working with Latitude to support impacted customers following the financial company's recent database cyberattack. If you have had your NSW driver licence details exposed in the Latitude Financial data breach you may need to replace your card.
Visit the Service NSW website: https://www.service.nsw.gov.au/latitude-financial-breach
VicRoads will soon directly contact Victorians impacted by the Latitude breach to confirm their licence details have been flagged in the VicRoads database. Confirmed impacted customers will be issued new licences for free.
Visit the VIC Roads website: https://www.vicroads.vic.gov.au/licences/renew-replace-or-update/latitude-cyber-attack
Phone: 13 11 14
Personal crisis support
Lifeline’s online chat service is available every night