Australian consumer lender Latitude Financial has revealed that 14 million customer records, including drivers licences, passports and financial statements were stolen in a cyber attack.
The consumer lender, which offers personal loans and credit to customers, first disclosed it was hacked in mid-March but played down the scale of the impact.
A forensic review now reveals that approximately 7.9 million Australian and New Zealand driver licence numbers were stolen, of which approximately 3.2 million, or 40%, were provided in the last 10 years.
In addition, approximately 53,000 passport numbers and 100 monthly statements were stolen. A further 6.1 million records dating back to at least 2005 were also lifted, of which approximately 5.7 million, or 94%, were provided before 2013.
These records include some but not all of the following personal information: name, address, telephone, date of birth.
Latitude Financial CEO Ahmed Fahour, says: "It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologise unreservedly.
"We are committed to working closely with impacted customers and applicants to minimise the risk and disruption to them, including reimbursing the cost if they choose to replace their ID document. We are also committed to a full review of what has occurred."
The company took a number of systems offline when the breach was discovered and remains unable to assist customers with specific account enquiries. Fahour says employees are working around the clock to get systems back online.