In a recent disclosure, Latitude Financial, a leading financial services company, has reported a staggering $76 million in pre-tax costs stemming from a cyber security incident that occurred in March of this year.
The incident, which exposed sensitive customer data, has not only raised concerns about data privacy but has also highlighted the potential financial repercussions of such breaches.
The breach, first detected in March, led to unauthorised access to a significant portion of the company’s customer database. This included personal information such as names, addresses, contact details, and in some cases, even financial data.
Latitude Financial acted swiftly to contain the breach, collaborating with cyber security experts to investigate the extent of the compromise and to reinforce their digital defenses.
According to the company’s official statement, the majority of the $76 million in pre-tax costs can be attributed to the necessary response and recovery measures taken in the aftermath of the incident.
As the financial services firm disclosed its financial results for the first half of 2023, it revealed pre-tax expenses and provisions. These expenses contributed to a reported after-tax statutory loss of $98.2 million from ongoing operations, a figure falling within the range previously disclosed.
The company also confirmed the realisation of projected post-tax cyber costs, amounting to $53 million, in alignment with its initial market guidance.
The company’s Money Division A&NZ experienced a significant decline in volumes, reaching $637 million, due to the business system shutdown during the cyber incident. This marked a 19% year-on-year decrease and a 28% drop compared to the first half of 2022.
Latitude affirmed its ongoing collaboration with regulators who are assessing the company’s information handling practices. Additionally, the company is engaging with its insurers to address claims that might mitigate some or all of the expenses related to the cyber incident.
Bob Belan, the Managing Director and CEO, expressed his pride in the resilience and responsiveness displayed by his colleagues during what he acknowledged as one of Latitude’s most challenging periods. He also expressed satisfaction with the notable recovery now taking shape.
“Latitude’s half year result reflects what has been a persistently difficult macro environment for financial services businesses and of course, the operational disruptions caused by the March cyber-attack on our company,”
“We have and will continue to work diligently to continuously review and enhance the security of our systems and importantly, accelerate the delivery of our refreshed strategy focused on improving the experience for our customers and elevating the financial performance in our core Pay and Money divisions.” said Belan
Latitude shifts focus post attack
According to Belan, the company’s attention will now pivot towards enhancing growth and ensuring future profitability following a comprehensive four-part strategy encompassing restoration, rebounding, remediation, and rebuilding, the company has initiated efforts to strengthen its cyber and data security measures.
Additionally, a new strategy titled “Path to Full Potential” has been introduced along with associated initiatives.
“To give you some context in terms of what we have planned ahead, we’ll continue to invest in system security enhancements to protect our company’s assets into the future,” Belan said.
“We will focus on further optimising our operating model and our cost base which includes a workforce re-engineering program planned for the second half of this year.” said Belan
The company will also actively pursue new retail partnerships and allocate increased resources to bolster core capabilities, enhance customer experiences, and seize growth prospects.
During the first half of the year, Latitude Financial divested its hallmark insurance business, resulting in a capital infusion of $99 million into the balance sheet, as highlighted by Belan.
He further noted the exceptional support received from existing retail partnerships, alongside the addition of several new partnerships.
Belan highlighted the positive outcomes stemming from the 2021 acquisition of Symple, particularly its consumer lending technology platform. He underscored the remarkable progress achieved in integrating Symple’s business and technology during the first half of 2023.
As a result, all new personal loans and auto loans are now originating from the new Symple platform, and efforts are underway to phase out high-cost legacy systems by year-end.
Addressing the company’s leadership, Belan mentioned a strategic restructuring and expansion of the executive leadership team, with new members added post-cyber incident.
He also emphasised the team’s expertise and global experience in driving success across core business lines and functions.
As investigations into the March cyber security incident continue, the true extent of the compromised data and any potential long-term impacts on affected customers remain uncertain.
For the six-month period ending June 30, the Latitude Financial board decided not to declare a dividend, reflecting the company’s strategic considerations.
Announced on Tuesday 28th March Law firms Gordon Legal and Hayden Stephens and Associates (HSA) began investigating a potential legal action against Latitude Financial Services over data breach allegations.
The decision to take action was a response from the legal industry after the 2022 data security breach at Medibank (ASX: MPL), leading to the theft of personal information belonging to 9.7 million Australian customers.
