BREACH ALERT – Cyber attack on 3CX and Latitude

BREACH ALERT – Cyber attack on 3CX and Latitude

In the past few weeks, two significant data breaches have been reported, affecting the Australian-based financial services company, Latitude, and the US-based unified communications software provider, 3CX. These breaches have resulted in the exposure of sensitive customer information, including personal and financial details.

Latitude, which provides personal loans, credit cards, and other financial products, announced that it had suffered a data breach that had exposed the personal and financial information of approximately 14 million customers.

The breach occurred when an external party gained unauthorised access to Latitude's database, which contained customers' names, addresses, dates of birth, contact details, employment information, and credit card details.

Latitude has since confirmed that the incident was caused by a vulnerability in its systems, which has now been patched. The company has also notified affected customers and advised them to monitor their accounts for any suspicious activity.

For more information: https://www.latitudefinancial.com.au/latitude-cyber-incident/

Meanwhile, 3CX, which provides a range of unified communications solutions, revealed that it’s desktop app for MacOS & Windows had experienced a data breach that exposed customer records, including names, email addresses, phone numbers, and account passwords. The breach was discovered when a third party reported that they had discovered a database containing 3CX customer records for sale on a dark web marketplace.

3CX has confirmed that the breach was caused by an unauthorised party gaining access to an old database backup. The company has since taken steps to secure its systems and has advised customers to reset their account passwords immediately.

For more information: https://www.3cx.com/blog/news/desktopapp-security-alert/

These data breaches highlight the ongoing threat that cybercrime poses to businesses and individuals alike. Cybercriminals are becoming increasingly sophisticated in their attacks, using a range of techniques to gain unauthorised access to sensitive information.
To protect ourselves against such attacks, businesses need to prioritise cybersecurity measures, including regular vulnerability assessments, employee training, and the use of robust security tools.

For individuals, who may have been compromised it is essential to be vigilant and monitor personal accounts regularly for any signs of suspicious activity. Remember to always use strong and unique passwords, enable two-factor authentication where possible and be cautious when sharing personal information online.

If you need to discuss any of these security measures with us, please reach out.