27 March 2023

The Office of the Australian Information Commissioner (OAIC) continues to engage with Latitude Financial and is making preliminary inquiries regarding their cyber security incident.

Under the Notifiable Data Breaches scheme, organisations covered by the Privacy Act 1988 must notify affected individuals and the OAIC as quickly as possible if they experience a data breach that is likely to result in serious harm to individuals whose personal information is involved.

The OAIC is also working with other government agencies to ensure a coordinated response.

Advice for individuals

If you are concerned your personal information may have been affected, first check the Latitude website for more information, including how to contact Latitude’s dedicated contact centre for individuals impacted by the data breach.

Latitude has also partnered with national identity and cyber support service IDCARE to help those impacted. See the Latitude cyber incident response page on the IDCARE website for information about how IDCARE can help.

Individuals should be alert for scams referencing the Latitude data breach. See the Scamwatch website and ACCC’s factsheet for advice on how to protect yourself from scams after a data breach.

If you believe your information has been misused as a result of the data breach, you can report this to ReportCyber at cyber.gov.au.

If you are concerned about identity fraud, you can request a copy of your credit report to confirm if your identity has been used to obtain credit without your knowledge. You can also ask a credit reporting body to place a ban on your credit report. See our information about fraud and your credit report.

See more data breach support and resources available if you are experiencing distress.