By
A wave of cyber attacks has disrupted operations at several of Australia’s major superannuation funds, with at least four members reporting losses totalling $500,000, while thousands of others may have had their personal information exposed.
Rest confirmed that about 8,000 accounts were impacted by unauthorised activity on its member portal over the weekend. Access to the portal was shut down as the fund activated its cybersecurity response measures.
“We responded immediately by shutting down the member access portal, undertaking investigations and launching our cybersecurity incident response protocols,” Rest CEO Vicki Doyle said, noting that the breach appeared limited to personal data and no funds were transferred.
AustralianSuper, the country’s largest fund, reported that stolen member credentials had been used to try to access approximately 600 accounts. Although the fund did not verify the financial impact, The Australian reported that four members lost a combined $500,000. The fund said it is working to reassure affected members.
Other major funds also reported incidents. Insignia Financial acknowledged that a third party had attempted to breach online accounts, while Australian Retirement Trust detected unusual login patterns and temporarily locked affected accounts as a precaution.
The Association of Superannuation Funds of Australia said affected members are currently being notified, while authorities continue to coordinate efforts to manage the fallout.
“I am coordinating engagement across the Australian government, including with the financial system regulators, and with industry stakeholders to provide cybersecurity advice,” National Cyber Security Coordinator Lieutenant General Michelle McGuinness said.
