In this file photo taken on Aug 27, 2021, people wearing face masks walk through the streets of the central business district in Sydney. (PHOTO / AFP)
SYDNEY – Australia's financial service provider Latitude confirmed on Monday that about 14 million personal records have been stolen from the company due to a recent cyber attack.
In its update on the cyber theft incident, Latitude said that approximately 7.9 million Australian and New Zealand driver license numbers were stolen, of which approximately 3.2 million, or 40 percent, were provided to the company in the last 10 years.
According to the update, the "malicious attack" exposed 53,000 passport numbers, while less than 100 customers had reported a monthly financial statement leaked. Latitude promised to reimburse customers who choose to replace their ID documents.
Australia's financial service provider Latitude also identified that an additional 6.1 million records, dating back to at least 2005, were stolen, of which approximately 5.7 million, or 94 percent, were provided prior to 2013
Meanwhile, the company also identified that an additional 6.1 million records, dating back to at least 2005, were stolen, of which approximately 5.7 million, or 94 percent, were provided prior to 2013.
ALSO READ: Joint Strike Fighter plans stolen in Australia cyber attack
These records include some but not all of the following personal information, such as name, address, telephone and date of birth.
"It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologize unreservedly," said Latitude Financial Services CEO Ahmed Fahour.
"We continue to work around the clock to safely restore our operations. We are rectifying platforms impacted in the attack and have implemented additional security monitoring as we return to operations in the coming days," he added.
The incident is currently under investigation by the Australian Federal Police, with no suspicious activity observed in Latitude's systems since March 16.
READ MORE: Australia creates military cyber unit to expand hacking attacks
Latitude first reported the cyber attack on March 16, acknowledging that it resulted in the theft of over 300,000 customer documents. The attacker was believed to have used the employee login credentials to steal the data that was held by the company's service providers.