Share this article on:
Breaking news and updates daily. Subscribe to our Newsletter
Supermarket mainstay Coles has revealed some of its customer data was stolen as part of Latitude Financial’s recent data breach.
The data is historical and relates to a previous arrangement between Coles and Latitude to provide in-house credit cards. Latitude, however, has not informed Coles of the scale of customer data affected.
“As a former service provider, Latitude Financial Services has informed Coles Financial Services that historical Coles credit cardholder data has been affected by the recent cyber incident impacting their business,” Coles said in a statement over the weekend. “Latitude has not yet advised Coles of the number of impacted customers or specific details of the breach.”
At the moment, Coles is advising its customers to visit Latitude’s own reporting site about the nature of the data breach and what steps possible victims can take to protect themselves.
“We are disappointed that this cyber incident has taken place and apologise for the inconvenience and uncertainty created,” the statement concluded.
Coles moved away from Latitude Financial in March 2018, when Citibank took over its branded credit cards.
However, a number of high-profile retailers continue to use Latitude’s financial services. Harvey Norman, Domayne, and The Good Guys all currently offer a range of Latitude products.
All three offer “Latitude interest-free” finance options, though The Good Guys do note that as of 14 March, the store is no longer accepting LatitudePay. Latitude had already announced that it was stopping its LatitudePay service on 11 April, but it also made its initial assessment of its data breach on 16 March.
“It’s never been easier to shop for what you want with a no deposit, no interest payment plan. You can use an existing card, or apply for a Latitude GO Mastercard now!” Both Harvey Norman and Domayne currently state this as part of their payment options.
Cyber Security Connect had reached out to the above retailers for comment.
Latitude first announced that it had suffered a data breach on 16 March, but at that point in time, the financial services company believed only 250,000 customers had been affected. But on 27 March, Latitude Financial announced that the hack affected over 14 million customer records, making it the largest data breach yet for an Australian company.
Latitude has so far not responded to any of Cyber Security Connect’s requests.
Comments powered by CComment