Fraudsters Target Aussie Superannuation Funds Using Stolen Credentials

Attackers have struck Australian superannuation funds by exploiting stolen login details to gain unauthorized access to members’ accounts.

AustralianSuper reported that as many as “600” members were affected, whereas Rest Super stated that fewer than 1% of its members were impacted, which translates to fewer than 20,000 based on its latest financial report.

Although other funds were reportedly involved in the breach, this has not yet been confirmed by iTnews. Verification is pending.

Vicki Doyle, CEO of Rest, revealed that they detected “unauthorized activity” on their member access portal “during the weekend of 29-30 March.”

“We responded promptly by suspending the member access portal, conducting investigations, and initiating our cyber security incident response procedures,” stated Doyle.

While pointing to its “incident response procedures” for minimizing the impact, the fund acknowledged the incident “would understandably cause distress to affected members, and we deeply regret this occurrence.”

Doyle mentioned that no member funds were withdrawn, but “certain personal details” may have been compromised.

“We are reaching out to affected members to guide them through the implications and offer assistance,” expressed Doyle.

Rose Kerlin, Chief Member Officer at AustralianSuper, noted an increase in dubious activities across the member portal and mobile app over the past week.

“This week we noticed that cyber criminals might have used up to 600 members’ stolen passwords to access their accounts for fraudulent purposes,” informed Kerlin.

“While we promptly locked these accounts and informed the members, there are immediate actions members can take to enhance their online security.”

AustralianSuper advised members to log into their accounts “to verify the accuracy of their bank details and contact information and establish a strong and unique password exclusive to this site.”

The fund also said it was collaborating with “the Australian Signals Directorate, the National Office of Cyber Security, regulatory bodies, and other authorities” following the discovery of the unauthorized access.

Lieutenant General Michelle McGuinness, the National Cyber Security Coordinator, verified that “individual account holders of several superannuation funds are being targeted by cyber criminals.”

“I am collaborating with various Australian government agencies, financial system regulators, and industry stakeholders to provide cyber security guidance and coordinate a comprehensive government response to this incident,” stated McGuinness in a LinkedIn post.

“The Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) are liaising with all potentially affected superannuation funds to ensure members’ safety.”

Other superannuation funds acknowledged the incident and are determining their involvement in it.

A Hostplus representative stated that they are “actively investigating the situation to ascertain the facts and the extent of Hostplus’s exposure.”

“While the investigation is ongoing, we can confirm that no Hostplus members have suffered losses,” the representative assured.

“Our utmost priority is the security and confidentiality of our members and their accounts. We are enacting all necessary measures to safeguard our systems and data.

“Recognizing the significance of transparency, we will furnish additional information as it becomes accessible.”


