Latitude Group Holdings Ltd., an Australian consumer loan company, will not pay a ransom to those responsible for a cyberattack that occurred last month because it will hurt clients and the general public by inciting other attacks.
Latitude stated in a statement on Tuesday that it would not tolerate criminal action and did not think that paying a ransom would secure the destruction or return of the stolen data.
In one of the worst documented data breaches in the nation last month, the corporation claimed hackers obtained roughly 8 million Australian and New Zealand driver's license numbers. Latitude had also taken its platforms offline.
According to the corporation, "regular business operations are being restored, with Latitude's primary Customer Contact Centre back online and operating at full capacity."
Over the past several months, several Australian businesses have reported cyberattacks, which experts attribute to a cyber security sector that is understaffed.
A plan to toughen privacy regulations amid a surge in online data theft was denounced last week by a service supported by the Australian government for victims of identity theft. It was claimed that the idea would encourage vulnerable corporations to pay ransom and encourage more hacking.
According to IDCare, a nonprofit that aids victims of internet crime, Australia may unintentionally encourage a cyber-crimewave by making it easier for authorities to penalize businesses for lack of data protection and neglecting to criminalize ransom payments.
The statement was included in an unpublished submission to the attorney general, which Reporters reviewed. The attorney general is working to modernize privacy laws for the internet era at the same time that the nation is experiencing an increase in significant data thefts, which the government claims have affected practically every family.
IDCare has become one of Canberra's go-to referral organisation’s for helping victims of cybercrime, so its opinions will be strongly weighted in a government review of privacy legislation that is anticipated to make it easier to punish or sue corporations that fail to protect consumer data.