Latitude confirms 14m customers had data stolen

In addition, about 53,000 passport numbers were stolen, the company said in an update to the ASX on Monday.

It also revealed that – on top of the driver’s licence theft – a further 6.1 million records dating back to 2006 were stolen, and about 100 customers had had a monthly financial statement stolen.

“These records include some, but not all of the following personal information: Name, address, telephone, date of birth,” it said.

Latitude said last week a review had “uncovered further evidence of large-scale information theft affecting customers (past and present) and applicants across Australia and New Zealand” – and that the hack discovered earlier in March was worse than it had first thought.

It had previously estimated that 330,000 customers and applicants had been affected by the cybercrime, with 96 per cent having a copy of their driver licence or their driver licence number stolen. About 4 per cent had their passport data stolen and less than 1 per cent had Medicare numbers taken.

“It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologise unreservedly,” chief executive Ahmed Fahour said.

“We are committed to working closely with impacted customers and applicants to minimise the risk and disruption to them, including reimbursing the cost if they choose to replace their ID document. We are also committed to a full review of what has occurred.”

Latitude offers loans, credit cards and insurance for shoppers at big retailers such as Harvey Norman, JB Hi-Fi, The Good Guys and David Jones.

The company said it would reimburse customers who decided to replace stolen documents.

It will also write to all customers, past customers and applicants whose information was compromised, outlining details of what had been stolen and the company’s plans for remediation.

Customers who want more information were directed to Latitude’s help page on its website.