Millions of customers could soon be compensated via a class action lawsuit, after Latitude Financial admitted that the records of more than 14 million Australians had been hacked.
Law firms Hayden Stephens and Associates and Gordon Legal have announced a potential class action against the company, which provides consumer finance services for David Jones, JB Hi-Fi, Apple, The Good Guys and Harvey Norman.
Until very recently , Latitude also operated a buy now, pay later service called LatitudePay, which it recently shut down.
The lawsuit comes just one day after Latitude Financial announced that a huge tranche of customer information had been stolen – stretching back to 2005, and including 7.9million driver’s licence numbers, 53,000 passport numbers and 6.1million customer records.
Fewer than 100 customers had their monthly financial records stolen.
Two legal firms have launched an investigation into the Latitude Financial Services (pictured) hack after millions of Australians and New Zealanders had their personal information stolen
The law firms will investigate the hack as part of a potential class action and is urging customers to sign up for updates.
Lawyer Hayden Stephens said it must be established how the breach occurred and what harm has been passed on to Latitude customers.
‘Very much part of our investigation is to get answers to those questions,’ Mr Stephens, director of Hayden Stephens and Associates, told Sunrise.
‘It is possible, even probable, that this breach could have been avoided.’
Mr Stephens previously told The Australian newspaper that the option for compensation was being explored.
While all customers are encouraged to register for updates from the investigation, customers will likely need to prove harm suffered as a result of the breach in order to join a potential class action lawsuit.
‘In circumstances where someone has suffered distress or anxiety or they’ve seen evidence that data has been stolen or used in an inappropriate way, then it’s every possibility that they could join the class action,’ Mr Stephens said.
‘What’s important is to understand what your rights are… part of the investigation is to get answers to key questions and then offer information to consumers so that they can make an informed decision about what they would like to do next.’
The hack is also under investigation by the Australian Federal Police while Latitude Financial work with the Australian Cyber Security Centre and cyber security experts to find its cause.
The director of Hayden Stephens and Associates, Hayden Stephens (pictured), urged all customers to sign up for updates in the investigation in order to make a decision about whether they should join the potential class action lawsuit
Latitude first updated the Australian Stock Exchange on March 16, writing they had recognised unusual activity on their servers.
Initially the company believed just 308,000 identification documents had been stolen.
‘We’re writing to you directly to update you on a recent cyber-attack that Latitude Financial is actively responding to,’ Andrew Walduck, Latitude Financial’s Chief Operating Officer, wrote to customers later that day.
‘Regrettably, the attack has resulted in the theft of some customer data.
‘Latitude apologises to its customers, particularly those who were impacted.’
The company believes that there has not been more suspicious activity since the original hack.
The company’s Chief Executive, Ahmed Fahour – who is retiring from his position on Friday – apologised ‘unreservedly’ for the hack.
‘It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident,’ he said in a release to the ASX.
‘We are committed to working closely with impacted customers and applicants to minimise the risk and disruption to them, including reimbursing the cost if they choose to replace their ID document. We are also committed to a full review of what has occurred.’
The March 16 hack stole around 14million pieces of personal information, including 7.9million driver’s licence numbers, 53,000 passport numbers and 6.1million customer records (stock)
Latitude now joins a string of firms that have been attacked by hackers over the previous 12 months.
On March 29, property development giant, Meriton, confirmed they had been the victim of a hack over two months prior on January 14.
The data stolen in the hack reportedly includes personal information such as bank details, birth certificates as well as employee information such as salaries and HR complaints.
Meriton have warned 1,889 people affected by the hack to take steps to protect their identity.
***
Read more at DailyMail.co.uk