What happened
In AprilβMay 2024 the non-bank lender Firstmac notified customers of a data breach after the EMBARGO ransomware group published stolen data on the dark web [fm-bitdefender], [fm-cyberdaily]. Firstmac confirmed that personal information β names, dates of birth, addresses, email addresses and phone numbers β had been compromised; reporting on the leaked trove also described external bank account details (BSB and account number) and driver licence numbers [fm-bitdefender], [fm-cyberdaily].
Timeline
- 2024-04 β Data stolen; EMBARGO listed Firstmac data on its leak site late April [fm-cyberdaily].
- 2024-05 β Firstmac notified affected customers [fm-bitdefender].
Current status
Disclosed. Firstmac did not publish a count of affected individuals, so no figure is asserted here. The volume of leaked data reported by the attacker is not a reliable measure of how many people were affected [fm-cyberdaily].
Why it matters
A lender holds exactly the identity and banking data that enables fraud β names, dates of birth, and account details together. A double-extortion ransomware group publishing it raises the risk for those affected.