Today’s announcement from Latitude Financial that 7.9 million drivers licenses, 53,000 passport numbers and 6.1 million further customer records - dating back to at least 2005 - were stolen during the recent cyber incident is deeply concerning.
This comes after the large scale loss of identity information following the Optus and Medibank incidents. The Government shares the frustration and concern experienced by many citizens who fear their data may now have been stolen on multiple occasions.
Identity crime impacts around 1 in 20 people each year with an estimated cost in 2018-19 of $3.1 billion.
On 16 March the Federal Government convened the National Coordination Mechanism (NCM) to bring together agencies across the Commonwealth, states and territories to ensure that all possible support is being provided to Latitude Financial and all those customers whose personal information has been stolen.
The NCM has met five times in relation to the Latitude incident, and we have established two NCM working groups to address specific issues relating to the Financial Sector, and Identity Security and Services.
Latitude Financial is cooperating with government in responding to this incident, and we expect the company to continue to swiftly provide the government with all information it needs.
It remains our position that no customer should bear the cost of a data breach and we are working with Latitude Financial to ensure that the customers affected by this attack are protected from immediate and future risks.
Cyber attacks are a growing threat and will become a more routine part of our lives for years to come, and this incident is another reminder of the importance of improving Australia’s cyber security and privacy settings to minimise impacts of these threats.
While we will never reduce this risk of these attacks to zero, how we respond and become more resilient as a nation is now more important than ever.
That is why the Albanese Government is progressing longer term options to help protect Australians from future incidents.
Last month the Prime Minister and I announced the establishment of a Coordinator for Cyber Security, supported by a National Office for Cyber Security within the Department of Home Affairs, to ensure a centrally coordinated approach to deliver the Government’s cyber security responsibilities.
We are also developing a new Cyber Security Strategy to build whole of nation cyber resilience, and implementing tougher penalties for repeated or serious data breaches.
We’re working with States and Territories to mitigate the impacts of licences being compromised.
The government is working to deliver an easy, voluntary and secure way for all Australians to prove who they are once when accessing government services online, and to support the broader use of digital IDs and credentials, across the economy – aligning with appropriate international standards.
This government is working to ensure that in future digital identities are hard to steal, and if compromised – easy to restore.
I want to remind all Australians that the best, smartest, toughest people in cyber-security in this country are working day in, day out, to hunt down the people who are responsible for these malicious crimes against innocent people.
Helpful resources can be found at cyber.gov.au