Latitude, Genopay, Gem cyberattack: Customer told even more details hacked

The hacked information included details about employment, income, expenses, assets and liabilities. Photo / Dean Purcell.

Some customers of Latitude Financial, which includes the Genoapay and Gem services, have been told even more personal data was stolen.

“Our further analysis has determined that you have had additional information stolen,” a Kiwi customer was told overnight.

The hacked information included information used to assess a personal loan application, with details about employment, income, expenses, assets and liabilities.

“Our investigation has identified that the attacker used compromised login credentials, obtained via a third-party, to access Latitude’s network and steal personal information.”

The latest email was more bad news for customers who already had data stolen in March.

Some disgusted Latitude customers voiced their frustration on Reddit overnight.

“Can’t believe these muppets...all my private info is on the dark web for some c**k to use. No wonder I’ve been getting so many more phishing texts and calls,” one said.

“I’ve had one very generic email about it but I’ve been getting scam calls, texts, and emails since the breach,” another said.

“I’m fuming. I can understand it was a cyberattack and came out of the blue but I’m angry that it has taken almost two months to find out all my details have been stolen,” another said.

Australian law firm Gordon Legal, along with Hayden Stephens and Associates, is investigating a potential legal action against Latitude Financial.

The law firm said it might sue the finance company “for serious security breaches which have compromised the personal information of past and present customers”.

Latitude in late March said data of 7.9 million New Zealand and Australian drivers’ licences was stolen, as it confirmed the cyberattack on its systems was worse than previously thought.

Deputy Privacy Commissioner Liz MacPherson said data retention - how long records were held - was a key issue in the attack.