Customers of an Australian non-bank mortgage lender have had their personal details accessed, including bank account information and passport number, in a worrying data breach.
Firstmac customers received an email from the Brisbane-based company telling them they had recently experienced a “cyber incident” in which a third party accessed some of its IT system.
As a result an unknown number of customers had their personal information stolen.
Get in front of tomorrow's news for FREE
Journalism for the curious Australian across politics, business, culture and opinion.
Read nowThe stolen information included addresses, phone numbers, bank account information, passport number and driver license details.
“As soon as we detected the incident, we took steps to immediately secure our system. We also engaged cyber security experts to assist us with our investigation,” Firstmac said.
It said the data breach had not had any impact on the company’s businesses operations, and stressed that its systems were secure.
“We already have robust security processes in place for any account access changes which will require you to confirm your identity using either biometrics and or two factor authentication,” it said.
“We are committed to protecting the personal information of all our customers, and we sincerely apologise for any concern this incident may have caused you.”
On Thursday, Cyberdaily.au reported the hackers behind the breach had posted the stolen customer information to its leak site after Firstmac failed to meet its ransom deadline.
Firstmac told the publication it was aware of the publication and was “urgently investigating”.
7NEWS.com.au has contacted Firstmac for comment.
Stream free on
