At least five super companies targeted by cyberattack

At least five superannuation companies have been the targets of cyberattacks in recent days.

At least five super companies targeted by cyberattack

At least five superannuation companies have been the targets of cyberattacks in recent days.

AustralianSuper, Australian Retirement Trust (ART), Rest, Insignia Financial, and Hostplus have confirmed they were impacted.

Australia’s cybersecurity agency has said people with the affected funds should be “vigilant” about fraud.

Attack

In a statement, AustralianSuper said there had been a “spike in suspicious activity across [its] member portal and mobile app” over the past week.

It alleged cyber criminals used up to 600 members’ stolen passwords to log into their accounts in attempts to commit fraud. AustralianSuper said it took “immediate action to lock these accounts.”

Nine newspapers reported funds had been taken from some members’ accounts.

Other funds

Hostplus told TDA it is “actively investigating” the situation and taking “all necessary measures” to protect systems and data. It confirmed none of its members had lost money.

You have read 0 articles this year.

Your contribution ensures The Daily Aus can continue doing the work you love.

Rest confirmed to TDA that around 1% of members were impacted, and “no member money has left accounts,” with an investigation still ongoing.

However, Rest said it believes some members’ personal data may have been accessed. This includes first names and email addresses.

Insignia Financial told TDA it had detected an “unusual number of login attempts” targeting its ‘Expand’ super fund, but said at this stage there had been ”no financial impact to customers.“

ART confirmed to TDA their digital security system had “identified unusual login activity.”

As a precaution, impacted accounts were locked, and members were notified.

Response

National Cybersecurity Coordinator Michelle McGuiness said: “Members should follow the advice of their superannuation funds... and be vigilant.”

She encouraged users to visit cyber.gov.au for advice.

AustralianSuper encouraged its members to log into their account to check if their details are correct, and change their password.

Get Australia's free morning news brief.

Trusted by 400,000 Australians. Free, every weekday.

Already subscribed? Just enter your email above. Privacy Policy.