Almost 330,000 customer records and identification documents have been stolen from a major Australian financial company.

Latitude Financial said on Thursday it appeared to have been hit by a sophisticated and malicious cyber attack, originating from a major vendor.

Latitude, which offers loans credit cards and insurance, said more than 100,000 copies of customers identification had been stolen – of which about 97 per cent were copies of drivers’ licences. A further 225,000 customer records were also stolen.

In a statement to the ASX on Thursday, Latitude said a “major vendor” was targeted in the attack.

The company offers interest-free instalment plans and personal loans for shoppers at big retailers such as Harvey Norman, JB Hi-Fi, The Good Guys and David Jones. It did not name the affected vendor.

“The attacker was able to obtain Latitude employee login credentials before the incident was isolated,” Latitude said.

“The attacker appears to have used the employee login credentials to steal personal information that was held by two other service providers.

The company has apologised and said it was contacting affected customers. It was also working with authorities, including the police and the Australian Cyber Security Centre.

Latitude Group Holdings Limited is in a trading halt until Monday.

– with AAP