A wave of cyberattacks has rattled Australia’s superannuation sector, with coordinated attempts by cybercriminals leading to financial losses and compromised member accounts. Several of the country’s most prominent super funds were hit, raising serious concerns about the safety of retirement savings in an increasingly digital landscape.

Among the impacted funds are AustralianSuper, Hostplus, REST, Insignia Financial’s MLC, and Australian Retirement Trust. These institutions collectively manage the retirement funds of millions of Australians, making them high-value targets for cybercriminals.

AustralianSuper Confirms $100,000 Fraud Attempt

AustralianSuper confirmed that hackers used stolen credentials from over 600 members to try to access their accounts and commit fraudulent transactions. While the full scope of financial loss is still being assessed, it’s understood that approximately $100,000 was lost from some accounts.

The fund’s Chief Member Officer, Rose Kerlin, stated that immediate actions were taken to secure the affected accounts and alert the impacted members.

“We have seen a spike in suspicious activity across our member portal and mobile app,” Kerlin said, urging members to take extra precautions with their login credentials.

High traffic from concerned users caused temporary outages on the fund’s digital platforms, but AustralianSuper reassured members that accounts showing $0 balances were still secure.

Other Funds Affected but Claim No Losses

Other major super funds experienced attempted breaches but reported no confirmed financial losses. The Australian Retirement Trust acknowledged unusual login activity and locked impacted accounts as a precaution. “No suspicious transactions or modifications were identified,” a spokesperson said.

REST Super revealed that roughly 1% of its members — around 20,000 individuals — were affected by unauthorized activity. The fund took immediate steps, shutting down its online portal and launching a cybersecurity investigation. While some personal information may have been accessed, no funds were reportedly stolen.

Hostplus and MLC (Insignia Financial) also detected suspicious activity and are actively investigating. Both funds emphasized that no member funds were lost and measures have been taken to enhance account security, including temporary restrictions and forced password resets.

Attacks Coordinated and Timed Strategically

Reports indicate that the attacks were carefully timed, primarily occurring in the early morning hours to avoid immediate detection by account holders. The method of attack involved using previously stolen login credentials, likely obtained through third-party breaches or phishing scams.

Cybersecurity experts and government agencies, including the National Cyber Security Coordinator, are now involved in assessing the full impact of the breach.

Government and Industry Response

Prime Minister Anthony Albanese acknowledged the incident, pointing to the frequency of cyberattacks in Australia — one every six minutes on average. He noted the government is monitoring the situation and will respond appropriately.

Meanwhile, Super Consumers Australia CEO Xavier O’Halloran highlighted the urgency for funds to improve their cyber resilience.

“These attacks are deeply unsettling. They expose just how vulnerable people’s retirement savings can be in the face of growing cyber threats,” O’Halloran said.

What Should Members Do Now?

Members of affected super funds are advised to:

• Change their passwords immediately.
• Enable multi-factor authentication (MFA) where available.
• Monitor account activity for any unauthorized transactions.
• Stay informed through official fund communications.

As the cyber threat landscape continues to evolve, the superannuation industry faces increasing pressure to fortify its digital infrastructure and ensure members’ financial futures remain protected.

Disclaimer:

Pristine Gaze Pty Ltd trading as Pristine Gaze (ABN 66 680 815 678) and (ACN 680 815 678) is a Corporate Authorised Representative (CAR No. 001312049) of Alpha Securities Pty Ltd (AFSL 330757). The information provided is general information only. Any advice is general advice only. No consideration has been given or will be given to individual objectives, financial situation, or specific needs of any particular person or organisation. The decision to engage our services and the method selected is a personal decision and involves inherent risks, and you must undertake your own investigations and obtain independent advice regarding suitability for your circumstances. Past performance, examples, or projections are not indicative of future results. While we strive to provide accurate information, we make no guarantees regarding the accuracy or completeness of our materials. The website may also contain links to third-party websites or resources, for which Pristine Gaze is not responsible. All content and intellectual property on the Pristine Gaze website, including but not limited to text, graphics, logos, and images, are the property of Pristine Gaze and are protected by applicable copyright and trademark laws. By accessing or using the Pristine Gaze website, you acknowledge and agree to the terms of this disclaimer. Please read our Terms and Conditions, Privacy Policy and Financial Service Guide for further information. Please read our Terms and Conditions, Privacy Policy and Financial Service Guide for further information.