The Australian Financial Review has released an article revealing the tech giant that hackers used to get inside Latitude Financial. They revealed that the breach originated from US outsourcer DXC Technology. Routine security scans that were looking for anomalous activity on the Latitude network had flagged that an administrator from DXC had logged in and was doing something that DXC admins don’t usually do. It wasn’t clear what tripped the scanners. However by the time Latitude had shut down the connection, the user had already logged into systems of two other Latitude service providers and exfiltrated customer data. It is possible that the data stolen from the two downstream service providers never passed through Latitude’s network, making it difficult for the company to even determine which customers were affected. While it is unclear whether the attack would have resulted in the company being crippled by ransomware, there is reason to believe that the attack may have been stopped in its early stages.
This segment was created for the It’s 5:05 podcast