Latitude Financial reported yesterday that it has received a ransom demand from the hackers behind the cyber-attack on the company, and insisted that it will not pay. “In line with advice from cybercrime experts, Latitude strongly believes that paying a ransom will be detrimental to our customers and cause harm to the broader community by encouraging further criminal attacks,” the company said in a statement to the ASX. Latitude said the attack was under investigation by the Australian Federal Police and the company was working with the Australian Cyber Security Centre. It is contacting current and past customers, as well as credit applicants, whose information was compromised, with details of the information stolen and the support it is providing. Latitude said business operations were being restored, with the customer contact centre back online and new customer originations recommencing. On March 16, the company reported it had detected “unusual activity on its systems over the last few days that appears to be a sophisticated and malicious cyber-attack”. It said the attacker appears to have used employee login credentials to steal information held by two of its service providers. Around 103,000 identification documents, mostly drivers’ licences, were stolen from one and 225,000 customer records from the other. In the following days the position worsened, as the company reported that passport numbers and Medicare numbers were also stolen, and then that close to eight million drivers licence numbers were stolen, as well as more than six million historical customer records dating back to 2005.