Another week another data breach.
Latitude is working with relevant agencies to replace identification documents, where necessary, at no cost to our customers.
When will I know if my information/data was accessed or stolen? We are contacting impacted individuals to alert them to what’s been stolen, how we are supporting them and what they need to do. We will help them replace identification documents, where necessary, at no cost.
ditto for me…just the robot letter from them saying it looks like my personal data is out-and-about now.
I haven't even had the generic email. Still a current customer. They have no problem sending me the statements though.
I think there is a generic email, eg we have had a breach……and THE email, which is not so good. Been with them 12 yrs, no THE email yet.
Same here.
me too. It says they will get in direct contact if affected but I don't know if I trust it
28 degrees?
Yep one of their products
I got two of the generic emails. I guess that's the end of that…
Thanks .. I’ve always wanted my data breached to get this deal.
So you bought 10
I only got 9 so other people can get this deal.
Now that passports are free, I put in a price protection claim
lol
Okay. I was a LatitudePay customer, but haven't used it for a year or so, and last heard they were closing it. Should I be worried?
LatitudePay is a product of Latitude Financial. They are closing LatitudePay in April, not the company.
This means unless you closed your account yourself (and maybe even if you did) your data is still likely on their servers which got breached. Now if your data was included in the breach or not is a completely different question, but err on the side of caution/suspicion for now.
i closed mine 8-12 months ago, got no email from latitude saying my data breached. Really wondering if they had deleted my data or just dont want to help because I aint no longer their customer ?
See this is where legislation and all that is kind of muddy (or maybe just my understanding of it lol). Because it's a financial company, they may have some obligation to keep some data for a set period of time. Quite sure the Australian Privacy Principles (APPs) cover this.
@pennypincher98: I think companies are required to keep financial data for 6 years for money laundering etc.
I might need to call this company to find more info.
@USER DC: Yeah it's something like that, although I'm not sure what data is included and how much of it is identifiable. Definitely call the company when you can though.
Government needs to issue disposable IDs now. Keep throwing them out every few weeks.
Maybe an annual subscription with unlimited free IDs
Annual?
Title says “Another week another data breach”
Wouldn’t daily be more apt :)
Exactly, and should be digital and free too, like revolut disposable virtual cards.
Even passport digital too, should probably learn somethings from overseas.
And so the public clamor for digital IDs begins… Oh, how so timely and convenient for Herr Doktor Klaus and his minions.
In case you haven't noticed, there are a few problems with the existing system of secret numbers printed onto physical documents.
Of course there's public clamor for something better ! ANYTHING better !
@Nom: — Anything, please! ANYTHING!
— Ja, kein problem… How about a centrralised identification linking yourr medical rrecord to yourr finances, so dat people can be nudged to follow ourr guidance by deducting misbehaviorrs frrom theirr social crredit scorre, and prreventing them to trravel and purrchase goods and serrvices if their score gets too low. Ve call it digital id und smarrt 15-minute cities.
How about a centrralised identification linking yourr medical rrecord to yourr finances
We already have that, it's called MyGov.
@Nom: Yep, Australia is right behind China and CanChina in the implementation of the WEF technocratic agenda. Use it at your own peril.
No, not ID. Next will be disposable money with one week expire date. Australia will following China.
Or cull the boomers in charge of tech at all these companies and replace them with competent people…
The number of CTO / DI / Ops people I've met who are unqualified for that role is staggering.
Nothing like nepotism to push people dangerously high in the hierarchy and for it to start crashing down as everything gets digitised with barely a handful of people able to understand the consequences.
Same goes for the absolute crap-tastic state of our laws for Digital privacy and protection.
GDPR has been active for 7 years now.
Are poor lil Aussie battler politicians too overworked on the golf course to do some important work for once?
love those 8 points at the end on what should and should not we be doing re cyber security. Thanks for the advice ! :(
Had that thought when I got the Medibank email - I'm not the one that was at fault for my data being stolen d*ckheads!!
Been a 28 degrees/ latitude customer for years but haven't got an email yet …
Check your spam folder. Hope you are not one of the 330k accounts affected.
I wonder if Latitude will want to verify our faces to enquire about the breach it is responsible for.
Contact Us - Facial Verification
To prevent fraudulent activity, Latitude uses facial verification technology to biometrically match your face to the picture on your ID.
You would have received an SMS with a link to complete your facial verification check using your phone. To complete your facial verification check, please have your Driver Licence or Passport close by.
If you haven't received your SMS or your SMS link has expired, you can resume your application (resume link in email) to request a new SMS link to the mobile phone you applied with.
See https://latitudefs.zendesk.com/hc/en-au/articles/99343352880…
All we need now is a face leak!
Instagram has you coverd, don't stress your pretty face
Beauty mode = ON
already happened, note point 3
What kind of information was affected?
We have so far identified that the incident has resulted in the following kinds of your personal information being compromised. We collected this information from you at the time you applied for credit or sought a quote from Latitude so we could verify your identity.
Images of your driver licence which, where applicable, included your photograph, name, address, date of birth, licence number, card number and expiry date.
The personal information you supplied during your application or quote request which, where applicable, included your full name, address, date of birth, your email and your phone number.
A photograph of your face provided as part of Latitude’s identity verification process.
I had a account with them when they were GE finance
Lucky all the documents have expired
Same here, but the hacker knows about our phone number and DOB so can port/steal oour phone number
Ahh dang. That's bad.
I appear to have joined prior to that being a requirement.
That's pretty severe. Customers need a new identity, not just a new identity document
my face is on my drivers licence so it is already leaked.
Though likely not in the detail available under this specific information type.
Probably need to add (Targeted) in title…
I never get these offers dammit
[Targeted] by hackers
Free serve of replacement documents with a side of wiping their hands clean.
Absolutely zero accountability. Our data protection laws are pathetic.
Does Australia have the highest per capita rate of data breaches / negligence leading to leaks? Every week: massive corp leaks basically all your data. Yet still you hear profanity all about accountability.
Australia, is pretty good at being the best at being the worst. eg, land clearing, gambling, etc.
The expression about Australia being the lucky country, not meant as a positive thing, applies more than ever.
I think our education system is really bad ..
Rate would be 1 data leak : 2 PM’s
They had a good credit card, but then they decided to make it worse unless you got a Latitue ID, which required your drivers licence etc.
I decided if they were going to be so stupid they could get stuffed, so have been paying 95 cents every time I pay them ever since, which only adds up to about $4, but at least I think I should be OK from this data breach.
Time to find a good new credit card for overseas transactions.
Isn't direct debit free? Being with them since 2014, don't think I had to provide any ID for latitude pay being an existing customers.
For the past couple of weeks the experience has been degrading leading to the hack - not surprised. I really wish they would name & shame that service provider. Do we know which company it is?
BankWest Zero Platinum. No annual or foreign transaction fees. I switched from 28 degrees years ago when they started charging to pay off your balance through their portal.
https://www.bankwest.com.au/personal/credit-cards/no-annual-…
If a photograph of your face was leaked, do you get a new replacement face free of charge?
Yep, they'll "Face Off" you with a random customer.
You should not be identified with anything digital.
I wish heh heh heh. I would make some improvements.
Free botox
So you can look really surprised when you see you were one of the affected ones. Hahahaha.
Free face transplant, must be existing/new medibank private/ahm customer
I can't help but think once you qualify for credit they should delete your data so it can't be stolen. FYI I have put a ban on my credit file being accessed (to be used my scammers to apply for lines of credit etc) using credit savy and they put the request for the 3 reporting bodies. It is a temporary 21 day ban. I would prefer it be a much longer ban so will look into that.
apparently you can extend it up to 12 months, but it can take up to 10 days to process your request so you would need to extend on day 11.
one of the reporting bodies sent me an email saying I could extend a year another said just 21 days so I will need to look into this further. If I have to pay to put it on for a year so be it. I'd rather that than credit being issued in my name. By right Lattitude should have to pay for that too.
I thought Credit Savvy only put a ban on the Experian credit file as that's the one they're affiliated with.
How did you get them to apply it to the other 2 CRB's?
Lol is this going to be a regular thing from now on, people gonna be switching driver licence numbers more often than we change prime ministers
hmm. IF they got our passports then a new one will be appreciated with extra validity paid for by lattitude :) A way to get back some of that non useable covid time?
Replacements carry over the original expiry date unless it's less than two years left so you can opt to get a renewal.
It's frustrating these security breaches keep happening over and over
Is this for go MasterCard? I've only had that card and hardly used it.
It is their entire company.
Does that included lattitude pay accounts that were closed 8-12 months ago ?
Does it include people who applied {and supplied ID} but were declined?
I would guess yes
I'm 5/5 baby!!
Medibank + AHM
Optus + GOMO
Now Latitude
Full marks
There's a massive amount of data breaches besides those 5, but I'm curious if you can make it 6 with Mydeal too lol
you missed Facebook, ShopBack breaches earlier ?
YOUR ACCOUNT is since 2016, so how come you escape the ShopBack one ?
How about Sparesbox one too ?
Oh yeh I think Shopback got me too woooo
haveibeenpwned?.. your answer is yes
6/6 optus, medibank, facebook, shopback, medlab, lattitude :(
thinking to change my name, address, IDs and fingerprints !!!
When was Facebook hacked? What was stolen? I rarely use Facebook so didn’t know of breach.
Someone reported the deal as targeted offer 💀
"We are contacting impacted individuals to alert them to what’s been stolen, how we are supporting them and what they need to do. We will help them replace identification documents, where necessary, at no cost."
One would argue that it's all necessary, but banks will only spend money where absolutely required….
Haha. They weren’t picky…
The real deal would have been if they had better security
The hint was hiring a CEO who was making 4+millions at Aus post and not doing much. I only stayed with them for the price protection.
I wish they could have zeroed my debt
great. optus still hasn't done anything for me but to say I was in the breach.
At least they are giving money for replacement.
Unless Floptus Hacktus, literally so scummy company, still hasn't paid its customers for any breach. (paying to government is not same as paying to customer, customers cannot just get their passport, driver license changed for free). + even government has restrictions on when they will allow fee waiving. I personally would never be dealing with them again. And this just shows that, you really need to ditch that company who's not respecting you. At least latitude is willing to pay customers directly all cost associated with it.
BTW with Lattiude they didn't send me anything. Does that mean mine was not leaked ? I closed my account with them a year less ago.
I had closed my account last year but was able to login today, apparently closing the account doesn't meant actually closing the account.
so you did same email to them to delete account etc? stuff yet you were able to login ?
Makes me worried now
Yes did the email deletion thing
yesterday tried logging on whim and account is working with credit limits and all that
Strange,
Honestly I dont remember my last password i had on them, but I tried to reset it today, did receive email for resetting password.
So was able to Reset the password. But then afterwards it says Incorrect username and password combination, So I aint too sure how they are dealing with closed accounts
What are you guys doing as next steps when you get notified of things like this?
Comment on OZbargain.
I get REALLY angry… and than do nothing.
this is the way
They should incorporate Authenticators into all ID, change every 30 seconds!
I’ve only gotten the generic email so far…