Hot on the heels of news that IPH Ltd (ASX: IPH) has been hit by a cyber-attack, another ASX All Ords stock has requested a trading halt today after becoming the latest victim of hackers.
That ASX All Ords stock is Latitude Group Holdings Ltd (ASX: LFS), which is one of Australia's largest instalments and lending businesses.
What's happening to this ASX All Ords stock?
According to the release, Latitude detected unusual activity on its systems over the last few days that appears to be a sophisticated and malicious cyber-attack.
The company believes that the activity has originated from a major (unnamed) vendor used by Latitude.
And although the company took immediate action, the attacker was able to obtain Latitude employee login credentials before the incident was isolated. This has allowed the hacker to use the employee login credentials to steal personal information that was held by two other service providers.
What's the damage?
The release notes that, as things stand, Latitude understands that approximately 103,000 identification documents were stolen from the first service provider and approximately 225,000 customer records were stolen from the second service provider.
In respect to the identification documents, more than 97% of these documents are copies of drivers' licences. This means approximately 100,000 people have had their drivers' licences stolen.
What now?
Latitude has apologised for the breach and is taking immediate steps to contact impact customers.
Management advised that it is continuing to respond to the attack and is doing everything in its power to contain the incident and prevent the theft of further customer data. This includes isolating and removing access to some customer-facing and internal systems.
It is also working with the Australian Cyber Security Centre and has alerted relevant law enforcement agencies and engaged several cyber security specialists to assist with Latitude's response.
Sadly, it seems that some companies have not learned from the Optus and Medibank Private Ltd (ASX: MPL) attacks from last year.