However, since then, the investigation has gone quiet, and lawyers representing a 75,000-person class action are frustrated at the lack of action or updates.

“The uncertainty is very stressful for many of our registrants,” Aimee Dartnall, a lawyer at Gordon Legal, told Cyber Daily, Lawyers Weekly's sister brand.

“No one likes being left in limbo. Our registrants told us that they have received a large increase in spam calls and emails following the data breach, they’ve had to replace passports and driver’s licences, and some even experienced attacks on their bank accounts or have fallen into debt. Latitude customers want answers, and they want their complaints to be heard.”

Gordon Legal has made six attempts to get an update on the progress of the investigation but to no avail, leading the class action’s lawyers to believe that the system is inherently broken.

“We don’t really know what is going on at the OAIC because no one will talk to us,” Dartnall said.

“The system has to become more efficient. At the very least, it needs to tell people when they can expect to have their complaints heard. People should not have to wait years to find out whether their complaint has been accepted for further investigation.

“Our main message is, please, come and talk to us. Tell us what is going on in your office so we can give our clients meaningful updates and advise them accordingly.”

VIEW ALL

Latitude revealed that it had suffered a catastrophic data breach on 16 March 2023, initially saying that only several hundreds of thousands of customers had been affected. However, on 27 March, that figure grew significantly, with Latitude reporting more than 14 million records belonging to more than 6 million people in Australia and New Zealand had been exposed.

Latitude is facing multiple legal challenges, and the cost of the breach to the company as of May 2023 was at least $95 million.