Australian superannuation cyberattack: Australian Retirement Trust, AustralianSuper, HostPlus, more targeted

Multiple Australian super funds have been targeted in a sophisticated cyberattack after passwords were allegedly leaked.

Australian Retirement Trust, AustralianSuper, HostPlus, Rest and Insignia are understood to have been targeted.

Initial information indicates funds have been taken from Australians’ super fund accounts.

Prime Minister Anthony Albanese says he has been briefed on the attack.

AustralianSuper on Friday confirmed its defences had been breached, with up to 600 accounts compromised “in attempts to commit fraud”, with member passwords stolen.

“While we took immediate action to lock these accounts and let those members know, there are things members can do right now to protect themselves online,” AustralianSuper chief member officer Rose Kerlin said.

“Over the past week, we have seen a spike in suspicious activity across our member portal and mobile app, and we are urging members to take steps to protect themselves online.”

Meanwhile, the cyberattack had compromised the details of least 8000 retail workers’ default fund REST.

REST chief executive Vicki Doyle told staff in an email on Friday: “Last weekend we became aware of some unauthorised activity on our online member access portal”.

“Some members’ personal information such as their first name, email address and member number may have been accessed.

“We responded immediately by shutting down our member access portal, undertaking investigations and launching our cybersecurity protocols and network monitoring,” she said.

Ms Doyle said it was “in the process of communicating directly with these members to guide them through actions to further safeguard the security of their accounts”.

It’s understood Australian Retirement Trust, Hostplus and the biggest retail super fund Insignia have also been subject to the attack.

Association of Superannuation Funds of Australia said while the majority of the attempts were repelled, “unfortunately a number of members were affected”.

“Funds are contacting all affected members to let them know and are helping any whose data has been compromised.”

“Retirement savers should be assured superannuation funds and their service providers already have rigorous cyber protections in place. “

“In a rapidly evolving threat landscape there will always be new and emerging risks, but Australia’s super sector is proactively working together to improve system-wide defences, including through the ASFA Financial Crime Protection Initiative.”

Association of Superannuation Funds of Australia issued a statement on Friday saying: “While the majority of the attempts were repelled, unfortunately a number of members were affected.

“Funds are contacting all affected members to let them know and are helping any whose data has been compromised.”

“Retirement savers should be assured superannuation funds and their service providers already have rigorous cyber protections in place. “

“In a rapidly evolving threat landscape there will always be new and emerging risks, but Australia’s super sector is proactively working together to improve system-wide defences, including through the ASFA Financial Crime Protection Initiative (FCPI).”

More to come...