Latitude has escaped a $1 million lawsuit from a former mayoral candidate claiming the financial services firm breached his privacy after confidential customer data was stolen.
The firm was hit by a data breach in March 2023 after a hacker used privileged credentials from a third-party vendor to access its systems and steal data from its 7.9 million customers.
Shahriar "Sean" Saffari claimed in his Federal Court privacy lawsuit that the firm's cyber-security negligence led to his personal details being shared on the dark web.
In a ruling on Tuesday, Justice Melissa Perry said Mr Saffari had no "reasonable prospects of success" against the firm.
"(Mr Saffari's) negligence claims ... are untenable in that they cannot possibly succeed," the judge said.
Mr Saffari held a Latitude-branded credit card and his personal information was stolen in the data breach and he claimed it was put on the dark web, where other parties could buy the information and use it for financial gain.
In her decision, Justice Perry said Mr Saffari had complicated the lawsuit by bringing three other companies into the claim rather than focusing solely on Latitude.
"The applicant has proposed now three different versions of the (pleadings), none of which has even identified any actual loss or damage," she said.
Mr Saffari had applied to take related legal action against DXC Technologies and Crowdstrike as companies he alleged were responsible for areas of Latitude's cybersecurity.
He was also trying to join another Latitude-linked firm to the action.
Justice Perry threw out the bid to bring the three other companies into the case as well as rejecting the main lawsuit.
Mr Saffari, who was an unsuccessful independent candidate for mayor of Maitland in 2021, claimed Latitude failed to take reasonable steps to protect and secure his data, breaching both his privacy and its duty of care to protect him from harm.
He told AAP that he would be appealing the decision and that the Federal Court discriminated against self-representing complainants.
"Not all self-represented litigants are the same but (we) are pigeonholed," Mr Saffari said.
Latitude declined to comment on the matter.
Mr Saffari has been ordered to pay the legal costs of DXC Technologies, Crowdstrike and Latitude.
Latitude is still being investigated over the data breach in a joint investigation by Australia and New Zealand's privacy regulators.
If the investigation finds any wrongdoing by Latitude, the Office of the Australian Information Commissioner has the power to seek civil penalties through the Federal Court of up to $50 million for each breach.
