🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Finance

Latitude Financial

🇦🇺 Melbourne, VIC (AU + NZ operations) · Latitude Financial Services · Record AU-2023-0088
● Confirmed
People affected
14,000,000 (approx)
Breach date
2023-03
Regulator
OAIC + NZ Privacy Commissioner (joint)
Trust tier
A · Confirmed

Data exposed

Driver licence numbers (~7.9M across AU & NZ) Media-reported
Passport numbers, financial statements and other personal details Media-reported

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In March 2023 Latitude Financial disclosed a breach affecting around 14 million records across Australia and New Zealand — including roughly 7.9 million driver licence numbers and a large number of passport numbers and financial records [oaic-latitude]. The OAIC and the New Zealand Privacy Commissioner opened a joint investigation, a first for the two regulators [oaic-latitude].

Timeline

  • 2023-03 — Latitude disclosed the breach; ~14M records across AU & NZ [oaic-latitude].
  • 2023 — OAIC and NZ Privacy Commissioner announced a joint investigation [oaic-latitude].

Current status

Under joint regulatory investigation; class-action litigation has also been reported. Figures are as reported. [oaic-latitude]

Why it matters

The scale — and the volume of government identity documents — made it the largest breach on either side of the Tasman, and the trans-Tasman regulatory response set a precedent.