
Australian Superannuation Funds Hit by Major Cyber Attacks, Members Lose Thousands

Several of Australia’s largest superannuation funds, including AustralianSuper, Hostplus, Rest, and Australian Retirement Trust, have become targets of suspected cyber attacks, resulting in significant financial losses for some members. The attacks, discovered over the weekend, highlight rising cybersecurity threats in Australia, where a cybercrime is reported every six minutes.

AustralianSuper, the nation’s largest retirement fund, confirmed that cybercriminals may have used stolen passwords to access the accounts of up to 600 members, resulting in fraudulent lump sum withdrawals. At least $500,000 has been reported lost from member accounts.

Rose Kerlin, AustralianSuper’s Chief Member Officer, indicated that an unusual increase in suspicious online activity alerted them to the breach. “We took immediate action to lock these accounts and inform the affected members,” Ms. Kerlin said. However, some members still face account access issues, including seeing balances incorrectly displayed as zero.

The superannuation industry association acknowledged the breaches, noting, “While the majority of attempts were repelled, unfortunately, a number of members were affected.”

Cybersecurity experts suggest the attacks likely involved “credential stuffing,” where hackers use usernames and passwords stolen from previous breaches and sold on the dark web. According to Professor Matt Warren of the RMIT Centre for Cyber Security Research, the superannuation sector was particularly vulnerable due to inadequate security measures, notably the absence of mandatory multi-factor authentication (MFA).

CyberCX Chief Strategy Officer Alastair MacGibbon described the attacks as “coordinated attempted fraud” rather than direct hacking. He emphasized that credential stuffing remains a significant and growing threat, particularly when users reuse passwords across multiple platforms.

In response to these attacks, cybersecurity specialists call for immediate implementation of stronger security measures, including compulsory MFA and improved automated fraud detection systems within superannuation companies.

Members affected by the breaches are advised to immediately verify their account details, monitor for unauthorized activity, and update passwords to unique, complex combinations.

Australia’s National Cyber Security Coordinator, Lieutenant General Michelle McGuinness, confirmed coordination efforts across government agencies and industry stakeholders to respond to the incidents. Experts, including Professor Warren, believe impacted members should receive reimbursement, supported by insurance protection and responsible actions from the affected funds.
