investor daily logo

Non-bank lender refuses to pay ransom demand following major data breach

4 minute read

The non-bank lender says it will not pay a ransom to criminals who stole personal identification documents from customers.

In a trading update on Tuesday (11 April), Latitude Financial told investors it had received a ransom demand from the criminals behind the cyber attack on the company.

Latitude stated it will not pay a ransom — a decision consistent with the position of the Australian government.

The stolen data the attackers have detailed as part of their ransom threat is consistent with the number of affected customers disclosed by Latitude on 27 March 2023. The matter is under investigation by the Australian Federal Police and Latitude continues to work with the Australian Cyber Security Centre and cyber security experts on its response.


The lender is currently in the process of contacting all customers, past customers, and applicants whose information was compromised, outlining details of the information stolen, the support it is providing and its plans for remediation.

“Latitude will not pay a ransom to criminals,” Latitude Financial chief executive officer Bob Belan said.

“Based on the evidence and advice, there is simply no guarantee that doing so would result in any customer data being destroyed and it would only encourage further extortion attempts on Australian and New Zealand businesses in the future,” he said.

“Our priority remains on contacting every customer whose personal information was compromised and to support them through this process. In parallel, our teams have been focused on safely restoring our IT systems, bringing staffing levels back to full capacity, enhancing security protections, and returning to normal operations.

“I apologise personally and sincerely for the distress that this cyber attack has caused and I hope that in time we are able to earn back the confidence of our customers.”

Regular business operations are being restored, with Latitude’s primary Customer Contact Centre back online and operating at full capacity. Customers can also access services via the Latitude website and mobile app.

New customer originations have also recommenced.

The major cyber attack was first revealed via a trading update on 16 March. Since then, Latitude has revealed that around 7.9 million driver’s licence numbers and hundreds of thousands of passport numbers have been stolen.

It is estimated that 6.1 million records dating back to 2005 were also stolen and around 94 per cent of those documents were provided before 2013.

Those records included “some but not all” of the personal information: name, address, telephone, and date of birth.

Also last month, NGS Super alerted customers to a cyber attack, with the industry super fund confirming at the time that some of its systems were accessed by an attacker for a short period of time. 

Maja Garaca Djurdjevic

Maja Garaca Djurdjevic

Maja's career in journalism spans well over a decade across finance, business and politics. Now an experienced editor and reporter across all elements of the financial services sector, prior to joining Momentum Media, Maja reported for several established news outlets in Southeast Europe, scrutinising key processes in post-conflict societies.