Sydney: Australia’s financial service provider Latitude confirmed on Monday that about 14 million personal records have been stolen from the company due to a recent cyber attack.
In its update on the cyber theft incident, Latitude said that approximately 7.9 million Australian and New Zealand driver license numbers were stolen, of which approximately 3.2 million, or 40 percent, were provided to the company in the last 10 years.
According to the update, the “malicious attack” exposed 53,000 passport numbers, while less than 100 customers had reported a monthly financial statement leaked. Latitude promised to reimburse customers who choose to replace their ID documents.
Meanwhile, the company also identified that an additional 6.1 million records, dating back to at least 2005, were stolen, of which approximately 5.7 million, or 94 percent, were provided prior to 2013.
These records include some but not all of the following personal information, such as name, address, telephone and date of birth.
“It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologize unreservedly,” said Latitude Financial Services CEO Ahmed Fahour.
“We continue to work around the clock to safely restore our operations. We are rectifying platforms impacted in the attack and have implemented additional security monitoring as we return to operations in the coming days,” he added.
The incident is currently under investigation by the Australian Federal Police, with no suspicious activity observed in Latitude’s systems since March 16.
Latitude first reported the cyber attack on March 16, acknowledging that it resulted in the theft of over 300,000 customer documents. The attacker was believed to have used the employee login credentials to steal the data that was held by the company’s service providers.