Latitude Financial has released a press release saying they will not be paying the ransom demand from the threat actors that infiltrated their network on 16 March 2023.
According to the release, “Latitude will not pay a ransom. This decision is consistent with the position of the Australian Government.
We will not reward criminal behavior, nor do we believe that paying a ransom will result in the return or destruction of the stolen information.
“In line with advice from cybercrime experts, Latitude strongly believes that paying a ransom will be detrimental to our customers and cause harm to the broader community by encouraging further criminal attacks.”
Further statements also indicated that they are working with the Australian Cyber Security Center and cyber-security experts to investigate the issue further.
As per the reports on 27 March 2023, the stolen data accounts for approximately 7.9 million License numbers of Australian and New Zealand drivers, of which nearly 40% (3.2 million) of them belonged to the data that the company got in the last ten years.
In addition, 53,000 passport numbers, 100 customers’ financial statements, and 6.1 million records from 2005 were stolen.
94% of the records were received before 2013. These records contain personal information like name, address, date of birth, and telephone.
Latitude has also created a remediation program to support individuals affected by this.
Managing Director and CEO Executive General Manager, Money Bob Selan, said, “Our priority remains on contacting every customer whose personal information was compromised and to support them through this process.”
“In parallel, our teams have been focused on safely restoring our IT systems, returning staffing levels to total capacity, enhancing security protections, and returning to normal operations.”
“I apologize personally and sincerely for the distress that this cyber-attack has caused, and I hope we can regain our customers’ confidence in time.”
Latitude also stated that there had been no suspicious activities with Latitude Systems after the 16th March 2023 attack.
Regular business operation has also been restored, and the customer contact center is entirely back online, working at total capacity.
Source: https://cybersecuritynews.com/latitude-ransom-demand/